A Distributed Shared Key Generation Procedure Using Fractional Keys
Corson, M. Scott
Baras, John S.
MetadataПоказать полную информацию
We present a new class of distributed key generation and recoveryalgorithms suitable for group communication systems where the groupmembership is either static or slowly time-varying, and must be tightlycontrolled. <p>The proposed key generation approach allows entities whichmayhave only partial trust in each other to jointly generate a shared keywithout the aid of an external third party. The group collectivelygenerates and maintains a dynamic group parameter, and the shared key isgenerated using a strong, one-way function of this parameter. <p>This schemealso provides perfect forward secrecy. The validity of key generation canbe checked using verifiable secret sharing techniques. The key retrievalmethod does not require the keys to be stored in an external retrievalcenter. <p>We note that many Internet-based applications may have theserequirements. Fulfillment of these requirements is realized through theuse of fractional keys--a distributed technique recently developed toenhance the security of distributed systems in a non-cryptographicmanner.