Remarks and countermeasures on a cryptoanalysis of a secure multicast protocol

Abstract: In this work we give some remarks and countermeasures in order to show that the cryptoanalysis presented in [11] on the secure multicast protocol introduced in [8] does not affect significantly its security.

“…We recall here the main vulnerability of the original key refreshment, since the improved version presented in [7] does not modify substantially the scheme. Let us consider a legal member h which receives the key refreshment parameters (g, m and u) in a regular way.…”

“…As a countermeasure, Antequera and López-Ramos have proposed in [7] a new scheme based on the Chinese Remainder Theorem. It is as follows.…”

“…As it is described in section 3, the main weakness of the key refreshment scheme proposed in [1] resides on the fact that any user could impersonate the server, generating forged refreshment messages, from the knowledge of a multiple of L. The protocol presented in [7] still suffers from the same weakness because the key generation and distribution phases have not been modified (see Steps 1-3 in section 2). So, every legal member knows u, δ and is able to compute a multiple v·L.…”

“…Antequera and López-Ramos, co-authors of the original scheme [1], have presented several improvements to overcome the vulnerabilities [7]. The main improvement resides on the modification of the authentication protocol.…”

“…Section 3 deals with the cryptanalysis in [5,6] showing the main weakness of the scheme. Section 4 describes the improved authentication protocol defined in [7] to detect forged refreshments. In section 5, the cryptanalysis of the new authentication mechanism is presented.…”

Cryptanalysis of the Improvement of an Authentication Scheme Based on the Chinese Remainder Theorem for Multicast Communications

“…We recall here the main vulnerability of the original key refreshment, since the improved version presented in [7] does not modify substantially the scheme. Let us consider a legal member h which receives the key refreshment parameters (g, m and u) in a regular way.…”

“…As a countermeasure, Antequera and López-Ramos have proposed in [7] a new scheme based on the Chinese Remainder Theorem. It is as follows.…”

“…As it is described in section 3, the main weakness of the key refreshment scheme proposed in [1] resides on the fact that any user could impersonate the server, generating forged refreshment messages, from the knowledge of a multiple of L. The protocol presented in [7] still suffers from the same weakness because the key generation and distribution phases have not been modified (see Steps 1-3 in section 2). So, every legal member knows u, δ and is able to compute a multiple v·L.…”

“…Antequera and López-Ramos, co-authors of the original scheme [1], have presented several improvements to overcome the vulnerabilities [7]. The main improvement resides on the modification of the authentication protocol.…”

“…Section 3 deals with the cryptanalysis in [5,6] showing the main weakness of the scheme. Section 4 describes the improved authentication protocol defined in [7] to detect forged refreshments. In section 5, the cryptanalysis of the new authentication mechanism is presented.…”

Cryptanalysis of the Improvement of an Authentication Scheme Based on the Chinese Remainder Theorem for Multicast Communications

Huffman based conditional access system for key distribution in digital TV multicast

A parallel algorithm for secure multicast