A secure and efficient password-authenticated group key exchange protocol for mobile ad hoc networks

Password-authenticated group key exchange protocols enable communication parties to establish a common secret key (a session key) by only using short secret passwords. Such protocols have been receiving significant attention. This paper shows some security weaknesses in some recently proposed password-authenticated group key exchange protocols. Furthermore, a secure and efficient password-authenticated group key exchange protocol in mobile ad hoc networks is proposed. It only requires constant round to generate a group session key under the dynamic scenario. In other words, the overhead of key generation is independent of the size of a total group. Further, the security properties of our protocol are formally validated by a model checking tool called AVISPA. Security and performance analyses show that, compared with other related group key exchange schemes, the proposed protocol is also efficient for real-world applications in enhancing the security over wireless communications. Copyright © 2011 John Wiley & Sons, Ltd.