Abstract: Combined Public Key (CPK) cryptography does not need certificates to guarantee the authenticity of public keys, and avoids the problem that user’s private key completely depends on the Key Management Center (KMC). Based on CPK, a constantround group key exchange protocol was presented, which was provably secure under the intractability of computation DiffieHellman problem and achieved perfect forward secrecy. The protocol has only two communication rounds and it is more efficient than other protocols both in communication and computation. It supports group member join/leave operations efficiently and only needs minimum amount of computation and communication to renew the group key especially for multiple joins/leaves. At the same time, it also assures backward secrecy and forward secrecy. Moreover, the protocol achieves strong security. It can keep the session key secret from the adversary except that one party’s ephemeral private key and static private key are all revealed to the adversary. Lastly, the protocol provides a method to design efficient constantround group key exchange protocols with strong security and most secret sharing schemes can be adopted to construct the protocol.

Key words: group key exchange, CPK, strong security, secret sharing, dynamic group

摘要： 组合公钥密码(CPK)体制无需证书来保证公钥的真实性，克服了用户私钥完全由密钥管理中心生成的问题。基于CPK设计了一个常数轮的组群密钥交换协议，该协议在CDH假设下可证安全并具有完美的前向安全性，只需两轮通信即可协商一个组群会话密钥，在通信和计算方面都很高效；并且高效地支持组群成员动态加入/离开，尤其对于多成员加入/离开的情况，只需额外的少量通信和计算即可更新组群密钥，确保了前向保密性和后向保密性。此外，本协议提供了强安全性保证，它能保持密钥的秘密性，除非某一方的临时私钥和长期私钥同时被泄露。最后，该协议提供了一个设计常数轮强安全组群密钥交换协议的方法，大部分的秘密共享体制均可直接应用于该协议。

关键词: 组群密钥交换, 组合公钥密码, 强安全性, 秘密共享, 动态组群