Authenticated multi-party key agreement

Mike Just, Serge Vaudenay

Research output: Chapter in Book/Report/Conference proceedingOther chapter contribution

145 Citations (Scopus)


We examine key agreement protocols providing (i) key authentication (ii) key confirmation and (iii) forward secrecy. Attacks are presented against previous two-party key agreement schemes and we subsequently present a protocol providing the properties listed above.

A generalization of the Burmester-Desmedt (BD) model (Eurocrypt '94) for multi-party key agreement is given, allowing a transformation of any two-party key agreement protocol into a multi-party protocol. A multi-party scheme (based on the general model and a specific 2-party scheme) is presented that reduces the number of rounds required for key computation compared to the specific BD scheme. It is also shown how the specific BD scheme fails to provide key authentication.
Original languageEnglish
Title of host publicationAdvances in Cryptology - ASIACRYPT '96
Place of PublicationNew York (New York)
Number of pages14
Publication statusPublished - 1996

Publication series

NameLecture Notes in Computer Science Book Series (LNCS)
PublisherSpringer Publishing Company


Dive into the research topics of 'Authenticated multi-party key agreement'. Together they form a unique fingerprint.

Cite this