An efficient and secure fault-tolerant conference-key distribution scheme

An original approach to establish a computationally secure and robust conference key between multiple users is presented, which is built on known secret sharing schemes and requires the authenticated and encrypted point-to-point channels between servers and users. By running of the protocol, every honest user of a given conference can get a common key, even if a minority of the servers malfunction or misbehave. This scheme does not rely on any unproven cryptographic assumptions or on the availability of any tamper-proof hardware. By using zero knowledge proof, any corrupted information and incorrect results can be detected. And by distributing the sensitive security information across several servers and never reconstructing any key at a single location, the compromise of a few servers will not compromise the privacy of any key. Analysis shows that under the assumption of a Diffie-Hellman decisional problem, a passive adversary gets zero knowledge about the conference key, and in the random oracle model, an active adversary cannot impersonate successfully. We have implemented the scheme in a distributed environment. By conducting a number of experiments in the fault-free case and various fault scenarios, we show that it has an acceptable performance of practicability.