Universally Composable Attribute-based Group Key Exchange

Several protocols implementing attribute-based group key exchange, which allows users with certain set of attributes to establish a session key, have been proposed in recent years. However, attacks on attribute-based group key exchange in current research have been considered only in stand-alone fashion. Thus these protocols may be vulnerable when run with other protocol sessions concurrently. We treat the security of attribute-based group key exchange in the universal composability framework to ensure that a protocol remains secure when run with arbitrary protocol sessions concurrently. More specifically, we define an ideal functionality for attribute-based group key exchange first, then propose a two-round protocol based on a primitive called encapsulation policy attribute-based key encapsulation mechanism. In addition, a complete security proof of our protocol in the universal composability framework under random oracle model is given.