Abstract
This paper provides an exposition of methods by which a trusted authority can distribute keys and/or broadcast a message over a network, so that each member of a privileged subset of users can compute a specified key or decrypt the broadcast message. Moreover, this is done in such a way that no coalition is able to recover any information on a key or broadcast message they are not supposed to know. The problems are studied using the tools of information theory, so the security provided is unconditional (i.e., not based on any computational assumption).
We begin by surveying some useful schemes for key distribution that have been presented in the literature, giving background and examples (but not too many proofs). In particular, we look more closely at the attractive concept of key distribution patterns, and present a new method for making these schemes more efficient through the use of resilient functions. Then we present a general approach to the construction of broadcast schemes that combines key predistribution schemes with secret sharing schemes. We discuss the Fiat-Naor Broadcast Scheme, as well as other, new schemes that can be constructed using this approach.
Similar content being viewed by others
References
N. Alon and M. Naor, Derandomization, witnesses for Boolean matrix multiplication and constructions of perfect hash functions, Technical Report CS94-11, Weizmann Institute of Science.
M. Atici, S. S. Magliveras, D. R. Stinson and W.-D. Wei, Some recursive constructions for perfect hash families, Journal of Combinatorial Designs, Vol. 4 (1996) pp. 353–363.
A. Beimel and B. Chor, Interaction in key distribution schemes, Advances in Cryptology: CRYPTO '93, Lecture Notes in Computer Science, 773 (1994) pp. 444–455.
A. Beimel and B. Chor, Universally ideal secret sharing schemes, IEEE Transactions on Information Theory Vol. 40 (1994) pp. 786–794.
A. Beimel and B. Chor, Communication in key distribution schemes, IEEE Transactions on Information Theory, Vol. 42 (1996) pp. 19–28.
C. H. Bennett, G. Brassard and J.-M. Robert, Privacy amplification by public discussion, SIAM J. Comput., Vol. 17 (1988) pp. 210–229.
S. Berkovits, How to broadcast a secret, Advances in Cryptology: EUROCRYPT '91, Lecture Notes in Computer Science, 547 (1992) pp. 536–541.
Th. Beth, D. Jungnickel and H. Lenz, Design Theory. Bibliographisches Institut, Zurich (1985).
J. Bierbrauer, K. Gopalakrishnan and D. R. Stinson, Bounds for resilient functions and orthogonal arrays, Advances in Cryptology: CRYPTO '94, Lecture Notes in Computer Science, 839 (1994) pp. 247–256.
J. Bierbrauer, K. Gopalakrishnan and D. R. Stinson, Orthogonal arrays, resilient functions, error-correcting codes and linear programming bounds, SIAM J. Discrete Math, Vol. 9 (1996) pp. 424–452.
R. Blom, An optimal class of symmetric key generation systems, Advances in Cryptology: EUROCRYPT '84, Lecture Notes in Computer Science, 209 (1985) pp. 335–338.
C. Blundo and A. Cresti, Space requirements for broadcast encryption, Advances in Cryptology: EUROCRYPT '94, Lecture Notes in Computer Science, 950 (1995) pp. 287–298.
C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro and M. Yung, Perfectly secure key distribution for dynamic conferences, Advances in Cryptology: CRYPTO '92, Lecture Notes in Computer Science, 740 (1993) pp. 471–486.
C. Blundo, A. De Santis and U. Vaccaro, Randomness in distribution protocols, Automata, Languages and Programming: ICALP '94, Lecture Notes in Computer Science, 820 (1994) pp. 568–579.
C. Blundo, L. A. Frota Mattos and D. R. Stinson, Trade-offs between communication and storage in unconditionally secure schemes for broadcast encryption and interactive key distribution, Advances in Cryptology: CRYPTO '96, Lecture Notes in Computer Science, 1109 (1996) pp. 387–400.
C. Blundo, L. A. Frota Mattos and D. R. Stinson, Multiple key distribution maintaining user anonymity via broadcast channels, J. Computer Security, Vol. 3 (1994/95) pp. 309–323.
E. F. Brickell, Some ideal secret sharing schemes, Journal of Combinatorial Mathematics and Combinatorial Computing, Vol. 9 (1989) pp. 105–113.
E. F. Brickell and D. M. Davenport, On the classification of ideal secret sharing schemes, Journal of Cryptology, Vol. 4 (1991) pp. 123–134.
P. J. Cameron, Combinatorics: Topics, Techniques, Algorithms, Cambridge University Press (1994).
B. Chor, O. Goldreich, J. Hastad, J. Friedman, S. Rudich and R. Smolensky, The bit extraction problem or t-resilient functions, Proc. 26th IEEE Symposium on Foundations of Computer Science (1985) pp. 396–407.
M. Dyer, T. Fenner, A. Frieze and A. Thomason, On key storage in secure networks, Journal of Cryptology, Vol. 8 (1995) pp. 189–200.
A. Fiat and M. Naor, Broadcast encryption, Advances in Cryptology: CRYPTO '93, Lecture Notes in Computer Science, 773 (1994) pp. 480–491.
M. L. Fredman and J. Komlos, On the size of separating systems and families of perfect hash functions, SIAM Journal of Algebraic and Discrete Methods, Vol. 5 (1984) pp. 61–68.
J. Friedman, On the bit extraction problem, Proc. 33rd IEEE Symposium on Foundations of Computer Science, (1992) pp. 314–319.
L. Gong and D. L. Wheeler, A matrix key-distribution scheme, Journal of Cryptology, Vol. 2 (1990) pp. 51–59.
K. Gopalakrishnan, A Study of Correlation-immune, Resilient and Related Cryptographic Functions, PhD Thesis, University of Nebraska-Lincoln, 1994.
K. Gopalakrishnan and D. R. Stinson, Three characterizations of non-binary correlation-immune and resilient functions, Designs, Codes and Cryptography, Vol. 5 (1995) pp. 241–251.
M. Just, E. Kranakis, D. Krizanc and P. van Oorschot, On key distribution via true broadcasting, Proc. 2nd ACM Conf. on Computer and Communications Security, pp. 81–88.
V. Korjik, M. Ivkov, Y. Merinovitch, A. Barg and H. van Tilborg, A broadcast key distribution scheme based on block designs, Cryptography and Coding, V, Lecture Notes in Computer Science, 1025 (1995) pp. 12–21.
K. Kurosawa, K. Okada and K. Sakano, Security of the center in key distribution schemes, Advances in Cryptology: ASIACRYPT '94, Lecture Notes in Computer Science, 917 (1995).
T. Leighton and S. Micali, Secret-key agreement without public-key cryptography, Advances in Cryptology: CRYPTO '93, Lecture Notes in Computer Science, 773 (1994) pp. 456–479.
T. Matsumoto, Incidence structures for key sharing, Advances in Cryptology: ASIACRYPT '94, Lecture Notes in Computer Science, 917 (1995) pp. 342–353.
K. Mehlhorn, On the program size of perfect and universal hash functions, Proc. 23rd Annual IEEE Symposium of Foundations of Computer Science, (1982) pp. 170–175.
C. J. Mitchell and F. C. Piper, Key storage in secure networks, Discrete Applied Mathematics, Vol. 21 (1988) pp. 215–228.
C. M. O'Keefe, Applications of finite geometries to information security, Australiasian J. Combinatorics, Vol. 7 (1993) pp. 195–212.
K. A. S. Quinn, Some constructions for key distribution patterns, Designs, Codes and Cryptography, Vol. 4 (1994) pp. 177–191.
A. Shamir, How to share a secret, Communications of the ACM, Vol. 22 (1979) pp. 612–613.
D. R. Stinson, An explication of secret sharing schemes, Designs, Codes and Cryptography, Vol. 2 (1992) pp. 357–390.
D. R. Stinson, Cryptography Theory and Practice. CRC Press, Inc., Boca Raton, 1995.
D. Welsh, Codes and Cryptography, Oxford University Press (1988).
Author information
Authors and Affiliations
Rights and permissions
About this article
Cite this article
Stinson, D.R. On Some Methods for Unconditionally Secure Key Distribution and Broadcast Encryption. Designs, Codes and Cryptography 12, 215–243 (1997). https://doi.org/10.1023/A:1008268610932
Issue Date:
DOI: https://doi.org/10.1023/A:1008268610932