Efficient identity-based conference key distribution protocols
In this paper we study security properties of conference key distribution protocols and give a hierarchy of four security classes. We show various problems with the Burmester-Desmedt conference key distribution protocol and show that the authenticated version of the protocol belongs to class 2. We give a modification of the protocol that makes it identity-based. Another modification provides us a class 4 protocol that is secure against insiders' attacks. This protocol is most efficient compared to known authenticated conference key distribution protocols. Finally we propose a particular key confirmation protocol that may be combined with almost all conference key distribution protocols to achieve the highest security.
KeywordsSecurity classes Conference key Identity-based
Unable to display preview. Download preview PDF.
- 1.C. Blundo, A. De Santis, A. Herzberg, S. Kutten, U. Vaccaro and M.Yung, “Perfectly secure key distribution for dynamic conferences”, Proceedings of Crypto '92, LNCS, vol. 740, Springer-Verlag, 1993, pp. 471–487Google Scholar
- 2.C. Boyd, “On key agreement and conference key agreement”, Proceedings of ACISP '97, LNCS, vol. 1270, Springer-Verlag, 1997, pp. 294–302Google Scholar
- 3.M. Burmester and Y. Desmedt, “A secure and efficient conference key distribution system”, Proceedings of Eurocrypt '94, LNCS, vol. 950, Springer-Verlag, 1994, pp. 275–286Google Scholar
- 5.M.Fischer and R. Wright, “Multiparty secret key exchange using a random deal of cards”, Proceedings of Crypto '91, LNCS, vol. 576, Springer-Verlag, 1992, pp. 141–155Google Scholar
- 6.M. Just and S. Vaudenay, “Authenticated multi-party key agreement”, Proceedings of ASIA CRYPT '96, LNCS, vol. 1163, Springer-Verlag, 1996, pp. 36–49Google Scholar
- 7.K. Koyama and K. Ohta, “Identity-based conference key distribution systems”, Proceedings of Crypto '87, LNCS, vol. 293, Springer-Verlag, 1988, pp. 175–184Google Scholar
- 8.S. Saeednia and R. Safavi-Naini, ”A new identity-based key exchange protocol minimizing computation and communication”, Proceedings of IS W '97, LNCS, to appearGoogle Scholar