Round-Optimal Contributory Conference Key Agreement

  • Colin Boyd
  • Juan Manuel González Nieto
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2567)


Becker and Wille derived a lower bound of only one round for multi-party contributory key agreement protocols. Up until now no protocol meeting this bound has been proven secure. We present a protocol meeting the bound and prove it is secure in Bellare and Rogaway’s model. The protocol is much more efficient than other conference key agreement protocols with provable security, but lacks forward secrecy.


Keywords: signature scheme, random oracle, security parameter, forward secrecy, provable security.
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. Giuseppe Ateniese, Michael Steiner, and Gene Tsudik. Authenticated group key agreement and friends. In 5th Conference on Computer and Communications Security, pages 17–26. ACM Press, 1998.
  2. Giuseppe Ateniese, Michael Steiner, and Gene Tsudik. New multi-party authentication services and key agreement protocols. IEEE Journal on Selected Areas in Communications, 18(4):628–639, April 2000.
  3. Klaus Becker and Uta Wille. Communication complexity of group key distribution. In 5th Conference on Computer and Communications Security, pages 1–6. ACM Press, 1998.
  4. M. Bellare and P. Rogaway. Provably secure session key distribution – the three party case. In Proceedings of the 27th ACM Symposium on the Theory of Computing, 1995.
  5. Mihir Bellare, Alexandra Boldyreva, and Silvio Micali. Public-key encryption in a multi-user setting: Security proofs and improvements. In B. Preneel, editor, Advances in Cryptology – Eurocrypt 2000, volume 1807 of LNCS. Springer-Verlag, 2000. Full version at
  6. Mihir Bellare, David Pointcheval, and Phillip Rogaway. Authenticated key exchange secure against dictionary attacks. In Advances in Cryptology – Eurocrypt 2000, pages 139–155. Springer-Verlag, 2000.
  7. Mihir Bellare and Phillip Rogaway. Entity authentication and key distribution. In Advances in Cryptology – CRYPTO '93, pages 232–249. Springer-Verlag, 1993. Full version at
  8. S. Blake-Wilson and A. Menezes. Security proofs for entity authentication and authenticated key transport protocols employing asymmetric techniques. In Security Protocols Workshop. Springer-Verlag, 1997.
  9. Simon Blake-Wilson and Alfred Menezes. Authenticated Diffie-Hellman key agreement protocols. In Selected Areas in Cryptography, pages 339–361. Springer-Verlag, 1999.
  10. Victor Boyko, Philip MacKenzie, and Sarvar Patel. Provably secure password-authenticated key exchange using Diffie-Hellman. In Advances in Cryptology – Eurocrypt 2000. Springer-Verlag, 2000.
  11. Emmanuel Bresson, Olivier Chevassut, and David Pointcheval. Provably authenticated group Diffie-Hellman key exchange – the dynamic case. In Advances in Cryptology – Asiacrypt 2001, pages 290–309. Springer-Verlag, 2001.
  12. Emmanuel Bresson, Olivier Chevassut, and David Pointcheval. Dynamic group Diffie-Hellman key exchange under standard assumptions. In Advances in Cryptology – Eurocrypt 2002. Springer-Verlag, 2002.
  13. Emmanuel Bresson, Olivier Chevassut, David Pointcheval, and Jean-Jacques Quisquater. Provably authenticated group Diffie-Hellman key exchange. In CCS '01, pages 255–264. ACM Press, November 2001.
  14. Mike Burmester and Yvo Desmedt. A secure and efficient conference key distribution system. In Advances in Cryptology – Eurocrypt '94, pages 275–286. Springer-Verlag, 1995.
  15. W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22:644–654, 1976.
  16. Shafi Goldwasser and Silvio Micali. Probabilistic encryption. Journal of Computer Security, 28:270–299, 1984.
  17. Shafi Goldwasser, Silvio Micali, and Ronald Rivest. A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput., 17(2), 1988.
  18. Ingemar Ingemarsson, Donald T. Tang, and C. K. Wong. A conference key distribution system. IEEE Transactions on Information Theory, IT-28(5):714–720, September 1982.
  19. Antoine Joux. A one round protocol for tripartite Diffie-Hellman. In W. Bosma, editor, Algorithmic Number Theory, 4th International Symposium, ANTS-IV, volume 1838 of LNCS, pages 385–393. Springer-Verlag, 2000.
  20. A. Menezes, P. van Oorschot, and S. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996.
  21. Olivier Pereira and Jean-Jacques Quisquater. A security analysis of the Cliques protocol suites. In Computer Security Foundations Workshop, pages 73–81. IEEE Computer Society Press, 2001.
  22. Charles Rackoff and Daniel R. Simon. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In Joan Feigenbaum, editor, Advances in Cryptology – CRYPTO '91, volume 576 of LNCS, pages 433–444. Springer-Verlag, Berlin, Germany, 1992.
  23. Michael Steiner, Gene Tsudik, and Michael Waidner. Diffie-Hellman key distribution extended to group communication. In 3rd ACM Conference on Computer and Communications Security, New Delhi, March 1996. ACM Press.
  24. Wen-Guey Tzeng and Zhi-Jha Tzeng. Round-efficient conference key agreement protocols with provable security. In T. Okamoto, editor, Advances in Cryptology – Asiacrypt 2000, volume 1976 of LNCS, pages 614–627. Springer-Verlag, 2000.

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Colin Boyd (1)
  • Juan Manuel González Nieto (1)
  1. Information Security Research Centre, Queensland University of Technology, Brisbane, Australia