Perfectly Secure Key Distribution for Dynamic Conferences

Abstract In this paper we analyze perfectly secure key distribution schemes for dynamic conferences. In this setting, any member of a group of t users can compute a common key using only his private initial piece of information and the identities of the other t −1 users in the group. Keys are secure against coalitions of up to k users; that is, even if k users pool together their pieces they cannot compute anything about a key of any conference comprised of t other users. First we consider a noninteractive model where users compute the common key without any interaction. We prove the tight bound on the size of each user's piece of information of[formula]times the size of the common key. Then, we consider the model where interaction is allowed in the common key computation phase and show a gap between the models by exhibiting a one-round interactive scheme in which the user's information is only k + t −1 times the size of the common key. Finally, we present its adaptation to network topologies with neighbourhood constraints and to asymmetric (e.g., client-server) communication models.

[1]  Amos Beimel,et al.  Interaction in Key Distribution Schemes (Extended Abstract) , 1993, CRYPTO.

[2]  Ueli Maurer,et al.  Non-interactive Public-Key Cryptography , 1991, EUROCRYPT.

[3]  Michael J. Fischer,et al.  Multiparty Secret Key Exchange Using a Random Deal of Cards , 1991, CRYPTO.

[4]  Walter Fumy,et al.  A Modular Approach to Key Distribution , 1990, CRYPTO.

[5]  Yacov Yacobi,et al.  On Key Distribution Systems , 1989, CRYPTO.

[6]  Carlo Blundo,et al.  Space Requirements for Broadcast Encryption , 1994, EUROCRYPT.

[7]  Eiji Okamoto,et al.  Key distribution system based on identification information , 1989, IEEE J. Sel. Areas Commun..

[8]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[9]  F. MacWilliams,et al.  The Theory of Error-Correcting Codes , 1977 .

[10]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[11]  Chak-Kuen Wong,et al.  A conference key distribution system , 1982, IEEE Trans. Inf. Theory.

[12]  Russell Impagliazzo,et al.  Limits on the provable consequences of one-way permutations , 1988, STOC '89.

[13]  Yacov Yacobi A Key Distribution "Paradox" , 1990, CRYPTO.

[14]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[15]  Moti Yung,et al.  Systematic Design of Two-Party Authentication Protocols , 1991, CRYPTO.

[16]  Rolf Blom,et al.  An Optimal Class of Symmetric Key Generation Systems , 1985, EUROCRYPT.

[17]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1992, Inf. Comput..

[18]  Hideki Imai,et al.  On the Key Predistribution System: A Practical Solution to the Key Distribution Problem , 1987, CRYPTO.

[19]  Silvio Micali,et al.  Secret-Key Agreement without Public-Key Cryptography , 1993, CRYPTO.

[20]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.