# On Some Methods for Unconditionally Secure Key Distribution and Broadcast Encryption

## Abstract

This paper provides an exposition of methods by which a trusted authority can distribute keys and/or broadcast a message over a network, so that each member of a privileged subset of users can compute a specified key or decrypt the broadcast message. Moreover, this is done in such a way that no coalition is able to recover any information on a key or broadcast message they are not supposed to know. The problems are studied using the tools of information theory, so the security provided is unconditional (i.e., not based on any computational assumption).

We begin by surveying some useful schemes for key distribution that have been presented in the literature, giving background and examples (but not too many proofs). In particular, we look more closely at the attractive concept of key distribution patterns, and present a new method for making these schemes more efficient through the use of resilient functions. Then we present a general approach to the construction of broadcast schemes that combines key predistribution schemes with secret sharing schemes. We discuss the Fiat-Naor Broadcast Scheme, as well as other, new schemes that can be constructed using this approach.

## Preview

Unable to display preview. Download preview PDF.

## References

- 1.N. Alon and M. Naor, Derandomization, witnesses for Boolean matrix multiplication and constructions of perfect hash functions, Technical Report CS94-11, Weizmann Institute of Science.Google Scholar
- 2.M. Atici, S. S. Magliveras, D. R. Stinson and W.-D. Wei, Some recursive constructions for perfect hash families,
*Journal of Combinatorial Designs*, Vol. 4 (1996) pp. 353–363.Google Scholar - 3.A. Beimel and B. Chor, Interaction in key distribution schemes, Advances in Cryptology: CRYPTO '93, Lecture Notes in Computer Science, 773 (1994) pp. 444–455.Google Scholar
- 4.A. Beimel and B. Chor, Universally ideal secret sharing schemes,
*IEEE Transactions on Information Theory*Vol. 40 (1994) pp. 786–794.Google Scholar - 5.A. Beimel and B. Chor, Communication in key distribution schemes,
*IEEE Transactions on Information Theory*, Vol. 42 (1996) pp. 19–28.Google Scholar - 6.C. H. Bennett, G. Brassard and J.-M. Robert, Privacy amplification by public discussion,
*SIAM J. Comput.*, Vol. 17 (1988) pp. 210–229.Google Scholar - 7.S. Berkovits, How to broadcast a secret, Advances in Cryptology: EUROCRYPT '91, Lecture Notes in Computer Science, 547 (1992) pp. 536–541.Google Scholar
- 8.Th. Beth, D. Jungnickel and H. Lenz,
*Design Theory*. Bibliographisches Institut, Zurich (1985).Google Scholar - 9.J. Bierbrauer, K. Gopalakrishnan and D. R. Stinson, Bounds for resilient functions and orthogonal arrays, Advances in Cryptology: CRYPTO '94, Lecture Notes in Computer Science, 839 (1994) pp. 247–256.Google Scholar
- 10.J. Bierbrauer, K. Gopalakrishnan and D. R. Stinson, Orthogonal arrays, resilient functions, error-correcting codes and linear programming bounds,
*SIAM J. Discrete Math*, Vol. 9 (1996) pp. 424–452.Google Scholar - 11.R. Blom, An optimal class of symmetric key generation systems, Advances in Cryptology: EUROCRYPT '84, Lecture Notes in Computer Science, 209 (1985) pp. 335–338.Google Scholar
- 12.C. Blundo and A. Cresti, Space requirements for broadcast encryption, Advances in Cryptology: EUROCRYPT '94, Lecture Notes in Computer Science, 950 (1995) pp. 287–298.Google Scholar
- 13.C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro and M. Yung, Perfectly secure key distribution for dynamic conferences, Advances in Cryptology: CRYPTO '92, Lecture Notes in Computer Science, 740 (1993) pp. 471–486.Google Scholar
- 14.C. Blundo, A. De Santis and U. Vaccaro, Randomness in distribution protocols, Automata, Languages and Programming: ICALP '94, Lecture Notes in Computer Science, 820 (1994) pp. 568–579.Google Scholar
- 15.C. Blundo, L. A. Frota Mattos and D. R. Stinson, Trade-offs between communication and storage in unconditionally secure schemes for broadcast encryption and interactive key distribution, Advances in Cryptology: CRYPTO '96, Lecture Notes in Computer Science, 1109 (1996) pp. 387–400.Google Scholar
- 16.C. Blundo, L. A. Frota Mattos and D. R. Stinson, Multiple key distribution maintaining user anonymity via broadcast channels,
*J. Computer Security*, Vol. 3 (1994/95) pp. 309–323.Google Scholar - 17.E. F. Brickell, Some ideal secret sharing schemes,
*Journal of Combinatorial Mathematics and Combinatorial Computing*, Vol. 9 (1989) pp. 105–113.Google Scholar - 18.E. F. Brickell and D. M. Davenport, On the classification of ideal secret sharing schemes,
*Journal of Cryptology*, Vol. 4 (1991) pp. 123–134.Google Scholar - 19.P. J. Cameron,
*Combinatorics: Topics, Techniques, Algorithms*, Cambridge University Press (1994).Google Scholar - 20.B. Chor, O. Goldreich, J. Hastad, J. Friedman, S. Rudich and R. Smolensky, The bit extraction problem or
*t*-resilient functions,*Proc. 26th IEEE Symposium on Foundations of Computer Science*(1985) pp. 396–407.Google Scholar - 21.M. Dyer, T. Fenner, A. Frieze and A. Thomason, On key storage in secure networks,
*Journal of Cryptology*, Vol. 8 (1995) pp. 189–200.Google Scholar - 22.A. Fiat and M. Naor, Broadcast encryption, Advances in Cryptology: CRYPTO '93, Lecture Notes in Computer Science, 773 (1994) pp. 480–491.Google Scholar
- 23.M. L. Fredman and J. Komlos, On the size of separating systems and families of perfect hash functions,
*SIAM Journal of Algebraic and Discrete Methods*, Vol. 5 (1984) pp. 61–68.Google Scholar - 24.J. Friedman, On the bit extraction problem,
*Proc. 33rd IEEE Symposium on Foundations of Computer Science*, (1992) pp. 314–319.Google Scholar - 25.L. Gong and D. L. Wheeler, A matrix key-distribution scheme,
*Journal of Cryptology*, Vol. 2 (1990) pp. 51–59.Google Scholar - 26.K. Gopalakrishnan, A Study of Correlation-immune, Resilient and Related Cryptographic Functions, PhD Thesis, University of Nebraska-Lincoln, 1994.Google Scholar
- 27.K. Gopalakrishnan and D. R. Stinson, Three characterizations of non-binary correlation-immune and resilient functions,
*Designs, Codes and Cryptography*, Vol. 5 (1995) pp. 241–251.Google Scholar - 28.M. Just, E. Kranakis, D. Krizanc and P. van Oorschot, On key distribution via true broadcasting,
*Proc. 2nd ACM Conf. on Computer and Communications Security*, pp. 81–88.Google Scholar - 29.V. Korjik, M. Ivkov, Y. Merinovitch, A. Barg and H. van Tilborg, A broadcast key distribution scheme based on block designs, Cryptography and Coding, V, Lecture Notes in Computer Science, 1025 (1995) pp. 12–21.Google Scholar
- 30.K. Kurosawa, K. Okada and K. Sakano, Security of the center in key distribution schemes, Advances in Cryptology: ASIACRYPT '94, Lecture Notes in Computer Science, 917 (1995).Google Scholar
- 31.T. Leighton and S. Micali, Secret-key agreement without public-key cryptography, Advances in Cryptology: CRYPTO '93, Lecture Notes in Computer Science, 773 (1994) pp. 456–479.Google Scholar
- 32.T. Matsumoto, Incidence structures for key sharing, Advances in Cryptology: ASIACRYPT '94, Lecture Notes in Computer Science, 917 (1995) pp. 342–353.Google Scholar
- 33.K. Mehlhorn, On the program size of perfect and universal hash functions,
*Proc. 23rd Annual IEEE Symposium of Foundations of Computer Science*, (1982) pp. 170–175.Google Scholar - 34.C. J. Mitchell and F. C. Piper, Key storage in secure networks,
*Discrete Applied Mathematics*, Vol. 21 (1988) pp. 215–228.Google Scholar - 35.C. M. O'Keefe, Applications of finite geometries to information security,
*Australiasian J. Combinatorics*, Vol. 7 (1993) pp. 195–212.Google Scholar - 36.K. A. S. Quinn, Some constructions for key distribution patterns,
*Designs, Codes and Cryptography*, Vol. 4 (1994) pp. 177–191.Google Scholar - 37.A. Shamir, How to share a secret,
*Communications of the ACM*, Vol. 22 (1979) pp. 612–613.Google Scholar - 38.D. R. Stinson, An explication of secret sharing schemes,
*Designs, Codes and Cryptography*, Vol. 2 (1992) pp. 357–390.Google Scholar - 39.D. R. Stinson,
*Cryptography Theory and Practice*. CRC Press, Inc., Boca Raton, 1995.Google Scholar - 40.D. Welsh,
*Codes and Cryptography*, Oxford University Press (1988).Google Scholar