Authenticated multi-party key agreement
We examine key agreement protocols providing: (i) key authentication, (ii) key confirmation, and (iii) forward secrecy. Attacks are presented against previous two-party key agreement schemes and we subsequently present a protocol providing the properties listed above. A generalization of the Burmester-Desmedt (BD) model (Eurocrypt, 1994) for multi-party key agreement is given, allowing a transformation of any two-party key agreement protocol into a multi-party protocol. A multi-party scheme (based on the general model and a specific 2-party scheme) is presented that reduces the number of rounds required for key computation compared to the specific BD scheme. It is also shown how the specific BD scheme fails to provide key authentication
JV96.ps
openaccess
167.97 KB
Postscript
5f217e8715f90958a575b6d18e7b8c7f