On Unconditionally Secure Robust Distributed Key Distribution Centers

A Key Distribution Center enables secure communications among groups of users in a network by providing common keys that can be used with a symmetric encryption algorithm to encrypt and decrypt messages the users wish to send to each other. A Distributed Key Distribution Center is a set of servers of a network that jointly realize a Key Distribution Center. In this paper we propose an unconditionally secure scheme to set up a robust Distributed Key Distribution Center. Such a distributed center keeps working even if some minority of the servers malfunction or misbehave under the control of a mobile adversary. Our scheme for a distributed key distribution center is constructed using unconditionally secure proactive verifiable secret sharing schemes. We review the unconditionally secure verifiable secret sharing scheme described by Stinson and Wei, discuss a problem with the proactive version of that scheme, and present a modified version which is proactively secure.

[1]  BlundoCarlo,et al.  Bounds and constructions for unconditionally secure distributed key distribution schemes for general access structures , 2004 .

[2]  Mihir Bellare,et al.  Provably secure session key distribution: the three party case , 1995, STOC '95.

[3]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[4]  Douglas R. Stinson,et al.  Unconditionally Secure Proactive Secret Sharing Scheme with Combinatorial Structures , 1999, Selected Areas in Cryptography.

[5]  Carlo Blundo,et al.  The Key Establishment Problem , 2001, FOSAD.

[6]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[7]  Yuval Ishai,et al.  The round complexity of verifiable secret sharing and secure multicast , 2001, STOC '01.

[8]  O. Antoine,et al.  Theory of Error-correcting Codes , 2022 .

[9]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[10]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice , 1995 .

[11]  Rafail Ostrovsky,et al.  How To Withstand Mobile Virus Attacks , 1991, PODC 1991.

[12]  Douglas R. Stinson,et al.  An application of covering designs: determining the maximum consistent set of shares in a threshold scheme , 1999, Ars Comb..

[13]  Carles Padró,et al.  Bounds and Constructions for Unconditionally Secure Distributed Key Distribution Schemes for General Access Structures , 2001, ISC.

[14]  Joos Vandewalle,et al.  On Distributed Key Distribution Centers and Unconditionally Secure Proactive Verifiable Secret Sharing Schemes Based on General Access Structure , 2002, INDOCRYPT.

[15]  Hugo Krawczyk,et al.  Proactive Secret Sharing Or: How to Cope With Perpetual Leakage , 1995, CRYPTO.

[16]  Baruch Awerbuch,et al.  Verifiable secret sharing and achieving simultaneity in the presence of faults , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[17]  Rafail Ostrovsky,et al.  How to withstand mobile virus attacks (extended abstract) , 1991, PODC '91.

[18]  Moni Naor,et al.  Distributed Pseudo-random Functions and KDCs , 1999, EUROCRYPT.

[19]  Douglas R. Stinson,et al.  On Some Methods for Unconditionally Secure Key Distribution and Broadcast Encryption , 1997, Des. Codes Cryptogr..

[20]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[21]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[22]  Joos Vandewalle,et al.  Applying General Access Structure to Proactive Secret Sharing Schemes , 2002, IACR Cryptol. ePrint Arch..

[23]  Paolo D'Arco On the Distribution of a Key Distribution Center , 2001, ICTCS.