Cryptanalysis of several conference key distribution schemes

  • Atsushi Shimbo
  • Shin-ichi Kawamura
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 739)


At the Eurocrypt'88 meeting, Koyama and Ohta proposed a conference key distribution scheme, which was an improved protocol of their earlier version. The authors show that their schemes, constructed for star and complete graph networks, are not secure. Another key distribution scheme, which can be used for conference key distribution, proposed at the Globecom'90 meeting by Chikazawa and Inoue, is not secure either.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    K.Koyama and K.Ohta, “Security of Improved Identity-based Conference Key Distribution Systems”, Lecture Notes in Computer Science (LNCS), Advances in Cryptology — EUROCRYPT'88, Springer-Verlag, pp.11–19 (1988).Google Scholar
  2. [2]
    K.Koyama and K.Ohta, “Identity-based conference key distribution systems”, LNCS, Advances in Cryptology — CRYPTO'87, Springer-Verlag, pp.175–184 (1987).Google Scholar
  3. [3]
    Y.Yacobi, “Attack on the Koyama-Ohta identity based key distribution scheme”, LNCS, Advances in Cryptology — CRYPTO'87, Springer-Verlag, pp.429–433 (1987).Google Scholar
  4. [4]
    T.Chikazawa and T.Inoue, “A new key sharing system for global telecommunications”, Proceedings of GLOBECOM'90, pp.1069–1072 (1990).Google Scholar
  5. [5]
    T.Okamoto and K.Ohta, “How to utilize the randomness of zero-knowledge proofs”, Proc. of CRYPTO'90 (1990).Google Scholar
  6. [6]
    W.Diffie and M.Hellman, “New directions in cryptography”, IEEE Trans. of Inf. Theory, IT-22, 6, pp.644–654 (1976).Google Scholar
  7. [7]
    A.Fiat and A.Shamir, “How to prove yourself: Practical solutions to identification and signature problems”, LNCS, Advances in Cryptology — CRYPTO'86, Springer-Verlag, pp.186–194 (1986).Google Scholar
  8. [8]
    U.Feige, A.Fiat and A.Shamir, “Zero knowledge proofs if identity”, STOC, pp.210–217 (1987).Google Scholar
  9. [9]
    K.Ohta and T.Okamoto, “A modification of the Fiat-Shamir scheme”, LNCS, Advances in Cryptology — CRYPTO'88, Springer-Verlag, pp.232–243 (1988).Google Scholar
  10. [10]
    L.C.Guillou and J.J.Quisquater, “A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory”, LNCS, Advances in Cryptology — EUROCRYPT'88, Springer-Verlag, pp.123–128 (1988).Google Scholar
  11. [11]
    K.Ohta, “Efficient identification and signature scheme”, Electronics Letters, 24, 2, pp.115–116 (1988).Google Scholar
  12. [12]
    G.J.Simmons, “A ‘weak’ privacy protocol using the RSA crypto algorithm”, Cryptologia, 7, 2, pp.180–182 (1983).Google Scholar
  13. [13]
    T.Okamoto and K.Ohta, “Disposable zero-knowledge authentications and their applications to untraceable electronic cash”, LNCS, Advances in Cryptology — CRYPTO'89, Springer-Verlag, pp.481–496 (1989).Google Scholar
  14. [14]
    S.Kawamura and A.Shimbo, “A one-way key distribution scheme based on a Fiat-Shamir digital signature”, (written in Japanese) IEICE, 1991 Spring National Convention Record, A-292 (1991).Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  • Atsushi Shimbo
    • 1
  • Shin-ichi Kawamura
    • 1
  1. 1.Research and Development CenterToshiba CorporationKawasakiJapan

Personalised recommendations