Advertisement

The Key Establishment Problem

  • Carlo Blundo
  • Paolo D’Arco
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2946)

Abstract

Key Establishment is one of the most intriguing, fascinating and deeply studied problems in Cryptography. In this paper we propose a brief excursus among ideas and techniques that during the last years have been applied in a variety of settings, in order to design suitable and often mathematically delightful protocols to solve this issue. The presentation uses a very simple language: it is basically an introduction to the subject. Hopefully, it is even self-contained. Formal proofs and details are omitted, but the interested reader can find them in the referred papers.

Keywords

Hash Function Multicast Group Secret Sharing Scheme Broadcast Encryption Perfect Hash Family 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abdalla, M., Bellare, M.: Increasing the Lifetime of a Key: A Comparative Analysis of the Security of Re-keying Techniques. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 546–559. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Agnew, G., Mullin, R., Vanstone, S.: An Interactive Data Exchange Protocol Based on Discrete Exponentiation. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 159–166. Springer, Heidelberg (1988)CrossRefGoogle Scholar
  3. 3.
    Anzai, J., Matsuzaki, N., Matsumoto, T.: A Quick Group Key Distribution Scheme with Entity Revocation. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 333–347. Springer, Heidelberg (1999)Google Scholar
  4. 4.
    Bakhtiari, S., Safavi-Naini, R., Pieprzyk, J.: On password-based authenticated key exchange using collisionful hash functions. In: Pieprzyk, J.P., Seberry, J. (eds.) ACISP 1996. LNCS, vol. 1172, pp. 298–309. Springer, Heidelberg (1996)Google Scholar
  5. 5.
    Blakley, G.R.: Safeguarding Cryptographic keys. In: AFIPS Conference Proceedings, vol. 48, pp. 313–317 (1979)Google Scholar
  6. 6.
    Beimel, A., Chor, B.: Interaction in Key Distribution Schemes. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 444–455. Springer, Heidelberg (1994)Google Scholar
  7. 7.
    Beimel, A., Chor, B.: Communication in Key Distribution Schemes. IEEE Transactions on Information Theory 42, 19–28 (1996)zbMATHMathSciNetCrossRefGoogle Scholar
  8. 8.
    Bellare, M., Canetti, R., Krawczyk, H.: A modular approach to the design and analysis of authentication and key exchange protocols. In: Proceedings of the 30th Annual Symposium on the Theory of Computing, pp. 419–428. ACM, New York (1998)Google Scholar
  9. 9.
    Bellare, M., Rogaway, P.: Provably Secure Session Key Distribution: The Three Party Case. In: Proceedings of the 27th Annual Symposium on the Theory of Computing, pp. 57–66. ACM, New York (1995)Google Scholar
  10. 10.
    Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92–111. Springer, Heidelberg (1995)Google Scholar
  11. 11.
    Bellare, M., Rogaway, P.: Random Oracle are Practical: A Paradigm for Designing Efficient Protocols. In: Proceedings of the 1st ACM Conference on Computer and Security, pp. 66–73. ACM Press, New York (1993)Google Scholar
  12. 12.
    Bellare, M., Cowen, L., Goldwasser, S.: On the Structure of Secret Key Exchange Protocols. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 604–605. Springer, Heidelberg (1990)Google Scholar
  13. 13.
    Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure Against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  14. 14.
    Beller, M.J., Yacobi, Y.: Minimal Asymmetric Authentication and Key Agreement Schemes, unpublished manuscript (1994)Google Scholar
  15. 15.
    Beller, M.J., Yacobi, Y.: Fully-Fledged Two-way Public Key Authentication and Key Agreement for Low-Cost Terminals. Electronics Letters 29, 999–1001 (1993)CrossRefGoogle Scholar
  16. 16.
    Bennett, C.H., Brassard, G.: Quantum Cryptography: Public Key Distribution and Coin Tossing. In: Proceedings of IEEE International Conference on Computer Systems and Signal Processing, Bangalore, India, pp. 175–179 (1984)Google Scholar
  17. 17.
    Berkman, O., Parnas, M., Sgall, J.: Efficient Dynamic Traitor Tracing. In: Proc. of the 11-th Annual ACM-SIAM Symposium on Discrete Algorithms (SODA 2000), pp. 586–595 (2000)Google Scholar
  18. 18.
    Berkovits, S.: How to Broadcast a Secret. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 536–541. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  19. 19.
    Bird, R., Gopal, I., Herzberg, A., Janson, P., Kutten, S., Molva, R., Yung, M.: The Kryptoknight family of light-weight protocols for authentication and key distribution. IEEE/ACM Transactions on Networking 3(1), 31–41 (1995)CrossRefGoogle Scholar
  20. 20.
    Official site of Bletchley Park, http://www.cranfield.ac.uk/ccc/bpark
  21. 21.
    Blom, R.: An Optimal Class of Symmetric Key Generation Systems. In: Beth, T., Cot, N., Ingemarsson, I. (eds.) EUROCRYPT 1984. LNCS, vol. 209, pp. 335–338. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  22. 22.
    Blundo, C., Cresti, A.: Space Requirements for Broadcast Encryption. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 287–298. Springer, Heidelberg (1995)Google Scholar
  23. 23.
    Blundo, C., D’Arco, P., Giorgiogaggia, A.: A τ -restricted Key Agreement Scheme. The Computer Journal 42(1), 51–61 (1999)zbMATHCrossRefGoogle Scholar
  24. 24.
    Blundo, C., D’Arco, P., Padrò, C.: A Ramp Model for Distributed Key Distribution Schemes. Discrete Applied Mathematics (2002) (to appear)Google Scholar
  25. 25.
    Blundo, C., D’Arco, P., Daza, V., Padrò, C.: Bounds and Constructions for Unconditionally Secure Distributed Key Distribution Schemes for General Access Structures. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 1–17. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  26. 26.
    Blundo, C., De Santis, A., Herzberg, A., Kutten, S., Vaccaro, U., Yung, M.: Perfectly-Secure Key Distribution for Dynamic Conferences. Information and Computation 146(1), 1–23 (1998)zbMATHMathSciNetCrossRefGoogle Scholar
  27. 27.
    Blundo, C., De Santis, A., Vaccaro, U.: Randomness in Distribution Protocols. Information and Computation 131(2), 111–139 (1996)zbMATHMathSciNetCrossRefGoogle Scholar
  28. 28.
    Blundo, C., Frota Mattos, L.A., Stinson, D.R.: Tradeoffs Between Communication and Storage in Unconditionally Secure Schemes for Broadcast Encryption and Interactive Key Distribution. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 387–400. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  29. 29.
    Blundo, C., Mattos, L.A.F., Stinson, D.R.: Generalized Beimel-Chor Schemes for Broadcast Encryption and Interactive Key Distribution. Theoretical Computer Science 200, 313–334 (1998)zbMATHMathSciNetCrossRefGoogle Scholar
  30. 30.
    Blundo, C., Frota Mattos, L.A., Stinson, D.R.: Multiple Key Distribution Maintaining User Anonymity via Broadcast Channels. Journal of Computer Security 3, 309–323 (1994/1995)Google Scholar
  31. 31.
    Boyko, V., MacKenzie, P., Patel, S.: Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  32. 32.
    Boneh, D., Franklin, M.: An Efficient Public Key Traitor Scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 338–353. Springer, Heidelberg (1999)Google Scholar
  33. 33.
    Boneh, D., Lipton, R.J.: Algorithms for Black-Box Fields and their Application to Cryptography. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 283–297. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  34. 34.
    Boneh, D., Shaw, J.: Collusion-Secure Fingerprinting for Digital Data. IEEE Transactions on Information Theory 44(5), 1897–1905 (1998)zbMATHMathSciNetCrossRefGoogle Scholar
  35. 35.
    Boneh, D., Venkatesan, R.: Hardness of computing the most significant bits of secret keys in Diffie-Hellman and related schemes. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 114–128. Springer, Heidelberg (1996)Google Scholar
  36. 36.
    Brassard, G., Salvail, L.: Secret-Key Reconciliation by Public Discussion. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 410–423. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  37. 37.
    Bresson, E., Chevassut, O., Pointcheval, D.: The Group Diffie-Hellman Problems. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 325–338. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  38. 38.
    Bresson, E., Chevassut, O., Pointcheval, D.: Group Diffie-Hellman Key Exchange Secure Against Dictionary Attacks. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 497–514. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  39. 39.
    Bresson, E., Chevassut, O., Pointcheval, D.: Dynamic Group Diffie-Hellman Key Exchange under Standard Assumptions. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 321–336. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  40. 40.
    Bresson, E., Chevassut, O., Pointcheval, D.: Provably Authenticated Group Diffie-Hellman Key Exchange: The Dynamic Case. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 290–309. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  41. 41.
    Buchmann, J., Dullmann, S., Williams, H.: On the Complexity and Efficiency of a new key Exchange System. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 597–616. Springer, Heidelberg (1990)CrossRefGoogle Scholar
  42. 42.
    Burmester, M.: On the Risk of Opening Distributed Keys. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 308–317. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  43. 43.
    Canetti, R., Garay, J., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Issue in Multicast Security: A Taxonomy and Efficient Constructions. In: Infocom 1999, pp. 708–716 (1999)Google Scholar
  44. 44.
    Canetti, R., Malkin, T., Nissim, K.: Efficient Communication-Storage Tradeoffs for Multicast Encryption. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 459–474. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  45. 45.
    Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  46. 46.
    Canetti, R., Krawczyk, H.: Universally Composable Notions of Key Exchange and Secure Channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  47. 47.
    Chor, B., Fiat, A., Naor, M.: Traitor Tracing. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 257–270. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  48. 48.
    Chor, B., Fiat, A., Naor, M., Pinkas, B.: Traitor Tracing. IEEE Transactions on Information Theory 46(3), 893–910 (2000)zbMATHCrossRefGoogle Scholar
  49. 49.
    D’Arco, P., Stinson, D.R.: On Unconditionally Secure Robust Distributed Key Distribution Centers. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 346–363. Springer, Heidelberg (2002) (to appear)CrossRefGoogle Scholar
  50. 50.
    Davida, G., Desmedt, Y., Peralta, R.: A key Distribution System Based on Any One-Way Function. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 75–80. Springer, Heidelberg (1990)CrossRefGoogle Scholar
  51. 51.
    Davida, G., Desmedt, Y., Peralta, R.: On the importance of memory resources in the security of key exchange protocols. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 11–15. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  52. 52.
    Denning, D.E., Sacco, G.M.: Timestamps in key distribution protocols. Communications of the ACM 24(8), 533–536 (1991)CrossRefGoogle Scholar
  53. 53.
    Desmedt, Y., Burmester, M.: Towards practical proven secure authenticated key distribution. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, Fairfax, USA, pp. 228–231 (1993)Google Scholar
  54. 54.
    Diffie, W., Hellman, M.: New Directions in Cryptography. IEEE Transactions on Information Theory 22, 644–654 (1976)zbMATHMathSciNetCrossRefGoogle Scholar
  55. 55.
    Diffie, W., Van Oorschot, P.C., Wiener, M.J.: Authentication and Authenticated Key Exchanges. Design, Codes, and Cryptography 2, 107–125 (1992)CrossRefGoogle Scholar
  56. 56.
    Dyer, M., Fenner, T., Frieze, A., Thomas, A.: Key Storage in Secure Networks. Journal of Cryptology 8, 189–200 (1995)zbMATHCrossRefGoogle Scholar
  57. 57.
    Dwork, C., Lotspiech, J., Naor, M.: Digital Signets: Self-Enforcing Protection of Digital Information. In: Proceedings of the 28-th Symposium on the Theory of Computation, pp. 489–498 (1996)Google Scholar
  58. 58.
    Fiat, A., Naor, M.: Broadcast Encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)Google Scholar
  59. 59.
    Fiat, A., Tessa, T.: Dynamic Traitor Tracing. Journal of Cryptology 14, 211–223 (2001)zbMATHGoogle Scholar
  60. 60.
    Fischer, M., Wright, R.N.: Multiparty Secret Key Exchange Using a Random Deal of Cards. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 141–155. Springer, Heidelberg (1992)CrossRefGoogle Scholar
  61. 61.
    Federal Information Processing Standards Publications (FIPS), http://www.itl.nist.gov/fipspubs/index.htm
  62. 62.
    FIPS PUB 185, Escrowed Encryption Standard (1994)Google Scholar
  63. 63.
    Frankel, Y., Yung, M.: Escrow Encryption Systems Visited: Attacks, Analysis, and Designs. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 222–235. Springer, Heidelberg (1995)Google Scholar
  64. 64.
    Gafni, E., Staddon, J., Yin, Y.L.: Efficient Methods for Integrating Traceability and Broadcast Encryption. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 372–387. Springer, Heidelberg (1999)Google Scholar
  65. 65.
    Garay, J., Staddon, J., Wool, A.: Long-Lived Broadcast Encryption. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 333–352. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  66. 66.
    Girault, M.: Self-Certifying Public Keys. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 490–497. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  67. 67.
    Gong, L., Wheeler, D.L.: A Matrix Key Distribution Scheme. Journal of Cryptology 2, 51–59 (1990)zbMATHMathSciNetCrossRefGoogle Scholar
  68. 68.
    Gottesman, D., Lo, H.-K.: From Quantum Cheating to Quantum Security, Physics Today on-line, available at http://www.aip.org/pt/vol-53/iss-11/p22.html
  69. 69.
    Gunther, C.G.: An Identity-Based Key-Exchange Protocol. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 29–37. Springer, Heidelberg (1990)CrossRefGoogle Scholar
  70. 70.
    Katz, J., Ostrovsky, R., Yung, M.: Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  71. 71.
    Kiayias, A., Yung, M.: Traitor Tracing with Constant Transmission Rate. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 450–465. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  72. 72.
    Kiayias, A., Yung, M.: Self Protecting Pirates and Black-Box Traitor Tracing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 63–79. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  73. 73.
    Kumar, R., Rajagopalan, S., Sahai, A.: Coding constructions for blacklisting problems without computational assumptions. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 609–623. Springer, Heidelberg (1999)Google Scholar
  74. 74.
    Ito, M., Saito, A., Nishizeki, T.: Secret Sharing Schemes Realizing General Access Structures. In: IEEE Global Telecommunications Conference, pp. 99–102 (1987)Google Scholar
  75. 75.
    ITU-T REC. X.509 (Revised), The Directory - Authentication Framework, International Telecommunication Union, Geneva, Switzerland (July 1995) Google Scholar
  76. 76.
    Just, M., Kranakis, E., Krizanc, D., Van Oorschot, P.: On Key Distribution via True Broadcasting. In: Proceedings of the 2nd ACM Conference on Computer and Communications Security, pp. 81–88 (1994)Google Scholar
  77. 77.
    Kahn, D.: The Codebreakers. Scribner, New York (1996)Google Scholar
  78. 78.
    Kim, H., Lee, D.H., Yung, M.: Privacy against Piracy: Protecting Two-Level Revocable P-K Traitor Tracing. In: Batten, L.M., Seberry, J. (eds.) ACISP 2002. LNCS, vol. 2384, pp. 482–496. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  79. 79.
    Koyama, K., Ohta, K.: Identity-based conference key distribution systems, In: Safavi-Naini, R., Pieprzyk, J.P. (eds.) ASIACRYPT 1994. LNCS, vol. 917, pp. 175–185. Springer, Heidelberg (1995)Google Scholar
  80. 80.
    Konheim, G.A.: Cryptography: A Primer. John Wiley & Sons, New York (1981)zbMATHGoogle Scholar
  81. 81.
    Korjik, V., Ivkov, M., Merinovitch, Y., Barg, A., Van Tilborg, H.: A Broadcast Key Distribution Scheme Based on Block Designs. In: Boyd, C. (ed.) Cryptography and Coding 1995. LNCS, vol. 1025, pp. 12–21. Springer, Heidelberg (1995)Google Scholar
  82. 82.
    Kurosawa, K., Okada, K., Sakano, K.: Security of the Center in Key Distribution Schemes. In: Safavi-Naini, R., Pieprzyk, J.P. (eds.) ASIACRYPT 1994. LNCS, vol. 917, pp. 333–341. Springer, Heidelberg (1995)Google Scholar
  83. 83.
    Leighton, T., Micali, S.: Secret key Agreement without Public Key Cryptography. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 456–479. Springer, Heidelberg (1994)Google Scholar
  84. 84.
    Van Lint, J.H., Wilson, R.M.: A course in combinatorics. Cambridge University Press, Cambridge (1992)zbMATHGoogle Scholar
  85. 85.
    Luby, M., Staddon, J.: Combinatorial Bounds for Broadcast Encryption. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 512–526. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  86. 86.
    MacKenzie, P., Patel, S., Swaminathan, R.: Password-Authenticated Key Exchange Based on RSA. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 599–613. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  87. 87.
    Matsumoto, T.: Incidence Structure for Key Sharing. In: Safavi-Naini, R., Pieprzyk, J.P. (eds.) ASIACRYPT 1994. LNCS, vol. 917, pp. 342–353. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  88. 88.
    Matsumoto, T., Imai, H.: On the Key Predistribution System: A Practical Solution to the Key Predistribution Problem. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 185–194. Springer, Heidelberg (1988)CrossRefGoogle Scholar
  89. 89.
    Matsumoto, T., Takashima, Y., Imai, H.: On Seeking Smart Public-Key Distribution Systems. Transactions of the IECE (Japan) 69, 99–106 (1986)Google Scholar
  90. 90.
    Maurer, U.: Secret Key Agreement by Public Discussion. IEEE Transaction on Information Theory 39, 733–742 (1993)zbMATHMathSciNetCrossRefGoogle Scholar
  91. 91.
    ETH Crypto Group (Zurich), http://www.crypto.ethz.ch/research/
  92. 92.
    Maurer, U.: Cryptography 2000 + / −10. In: van de Snepscheut, J.L.A. (ed.) Trace Theory and VLSI Design. LNCS, vol. 200, pp. 63–85. Springer, Heidelberg (1985)Google Scholar
  93. 93.
    Maurer, U., Wolf, S.: On the Complexity of Breaking the Diffie-Hellman Protocol. SIAM Journal on Computing 28, 1689–1721 (1999)zbMATHMathSciNetCrossRefGoogle Scholar
  94. 94.
    Menezes, A.J., Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)CrossRefGoogle Scholar
  95. 95.
    Mitchell, C.J., Piper, F.C.: Key Storage in Secure Networks. Discrete Applied Mathematics 21, 215–228 (1988)zbMATHMathSciNetCrossRefGoogle Scholar
  96. 96.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and Tracing Schemes for Stateless Receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  97. 97.
    Naor, M., Pinkas, B., Reingold, O.: Distributed Pseudo-random Functions and KDCs. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 327–346. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  98. 98.
    Naor, M., Pinkas, B.: Threshold Traitor Tracing. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 502–517. Springer, Heidelberg (1998)Google Scholar
  99. 99.
    Naor, M., Pinkas, B.: Efficient Trace and Revoke Schemes. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 1–21. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  100. 100.
    Needham, R.M., Schroeder, M.D.: Using Encryption for Authentication in Large Networks of Computers. Communications of ACM 21, 993–999 (1978)zbMATHCrossRefGoogle Scholar
  101. 101.
    Neuman, B.C., Tso, T.: Kerberos: An Authentication Service for Computer Networks. IEEE Transactions on Communications 32, 33–38 (1994)Google Scholar
  102. 102.
    Park, C., Kurosawa, K., Okamoto, T., Tsujii, S.: On Key Distribution and Authentication in Mobile Radio Networks. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 461–470. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  103. 103.
    Pfitzmann, B.: Trials of Traced Traitors. In: Anderson, R. (ed.) IH 1996. LNCS, vol. 1174, pp. 49–64. Springer, Heidelberg (1996)Google Scholar
  104. 104.
    Poovendran, R., Baras, J.S.: An Information Theoretic Analysis of Rooted-Tree Based Secure Multicast Key Distribution Schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 624–638. Springer, Heidelberg (1999)Google Scholar
  105. 105.
    Quinn, K.A.S.: Some Constructions for Key Distribution Patterns. Designs, Codes and Cryptography 4, 177–191 (1994)zbMATHMathSciNetCrossRefGoogle Scholar
  106. 106.
    Rivest, R.: Cryptography. In: van Leeuwen, J. (ed.) Handbook of Theoretical Computer Science,  ch. 13. MIT Press, Cambridge (1990)Google Scholar
  107. 107.
    Rivest, R., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public Key Cryptosystems. Communications of ACM 21, 120–126 (1978)zbMATHMathSciNetCrossRefGoogle Scholar
  108. 108.
    Safavi-Naini, R., Wang, H.: New Constructions for Multicast Re-Keying Schemes Using Perfect Hash Families. In: 7th ACM Conference on Computer and Communication Security, pp. 228–234. ACM Press, New York (2000)CrossRefGoogle Scholar
  109. 109.
    Safavi-Naini, R., Wang, Y.: Sequential Traitor Tracing. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 316–332. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  110. 110.
    Scheidler, R., Buchmann, J.A., Williams, H.C.: Implementation of a key exchange protocol using some real quadratic fields. In: Damgård, I.B. (ed.) EUROCRYPT 1990. LNCS, vol. 473, pp. 98–109. Springer, Heidelberg (1991)CrossRefGoogle Scholar
  111. 111.
    Sing, S.: The Code Book: The Evolution of Secrecy from Mary Queen of Scots to Quantum Cryptography (1999) Google Scholar
  112. 112.
    Shamir, A.: How to Share a Secret. Communications of ACM 22(11), 612–613 (1979)zbMATHMathSciNetCrossRefGoogle Scholar
  113. 113.
    Shor, P.W.: Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer. SIAM Journal on Computing 26, 1484–1509 (1997)zbMATHMathSciNetCrossRefGoogle Scholar
  114. 114.
    Shoup, V.: Lower Bounds for Discrete Logarithms and Related Problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  115. 115.
    Shoup, V., Rubin, A.: Session Key Distribution Using Smart Cards. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 321–332. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  116. 116.
    Staddon, J.N., Stinson, D.R., Wei, R.: Combinatorial properties of frameproof and traceability codes. IEEE Transactions on Information Theory 47, 1042–1049 (2001)zbMATHMathSciNetCrossRefGoogle Scholar
  117. 117.
    Steiner, M., Tsudik, G., Waidner, M.: Diffie-Hellman Key Distribution Extended to Groups. In: Proceedings of the 3-rd ACM Conference on Computer and Communications Security, pp. 31–37 (1996)Google Scholar
  118. 118.
    Steiner, M., Tsudik, G., Waidner, M.: Key Agreement in Dynamic Peer Groups. IEEE Transactions on Parallel and Distributed Systems 11(8), 769–780 (2000)CrossRefGoogle Scholar
  119. 119.
    Stinson, D.R.: An Explication of Secret Sharing Schemes. Designs, Codes and Cryptography 2, 357–390Google Scholar
  120. 120.
    Stinson, D.R.: Cryptography: Theory and Practise, 2nd edn. CRC Press, Boca Raton (1995) (2nd Edition, 2002)Google Scholar
  121. 121.
    Stinson, D.R.: On Some Methods for Unconditionally Secure Key Distribution and Broadcast Encryption. Designs, Codes and Cryptography 12, 215–243 (1997)zbMATHMathSciNetCrossRefGoogle Scholar
  122. 122.
    Stinson, D.R., van Trung, T.: Some New Results on Key Distribution Patterns and Broadcast Encryption. Designs, Codes and Cryptography 15, 261–279 (1998)CrossRefGoogle Scholar
  123. 123.
    Stinson, D.R., Wei, R.: Key preassigned traceability schemes for broadcast encryption. In: Tavares, S., Meijer, H. (eds.) SAC 1998. LNCS, vol. 1556, pp. 144–156. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  124. 124.
    Stinson, D.R., Wei, R.: Combinatorial properties and constructions of traceability schemes and frameproof codes. SIAM Journal on Discrete Mathematics 11, 41–53 (1998)zbMATHMathSciNetCrossRefGoogle Scholar
  125. 125.
    Syverson, P., Meadows, C.: Formal Requirements for Key Distribution Protocols. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 320–331. Springer, Heidelberg (1995)Google Scholar
  126. 126.
    Tzeng, W., Tzeng, Z.: Round-Efficient Conference Key Agreement Protocols with Provable Security. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 614–628. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  127. 127.
    van Oorschot, P.C., Wiener, M.J.: On the Diffie-Hellman Key Agreement with Short Exponents. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 332–341. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  128. 128.
    Wallner, D.M., Harder, E.J., Agee, R.C.: Key Management for Multicast: Issues and Architectures, Internet Draft (draft-wallner-key-arch-01.txt), ftp://ftp.ieft.org/internet-drafts/draft-wallner-key-arch-01.txt
  129. 129.
    Wong, D.S., Chan, A.H.: Efficient and Mutually Authenticated Key Exchange for Low Power Computing Devices. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 272–281. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  130. 130.
    Yacobi, Y.: A Key Distribution Paradox. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 268–273. Springer, Heidelberg (1991)Google Scholar
  131. 131.
    Yacobi, Y., Shmuely, Z.: On key Distribution Systems. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 344–355. Springer, Heidelberg (1990)Google Scholar
  132. 132.
    Zheng, Y.: How to Break and Repair Leighton and Micali’s Key Agreement Protocol. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 92–111. Springer, Heidelberg (1995)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Carlo Blundo
    • 1
  • Paolo D’Arco
    • 2
  1. 1.Dipartimento di Informatica ed ApplicazioniUniversità di SalernoBaronissiItaly
  2. 2.Department of Combinatorics and OptimizationUniversity of WaterlooWaterlooCanada

Personalised recommendations