ACAC Seminar Abstract

ACAC Seminar Abstract

ACAC Seminars

ACAC Seminar Abstract

10 Years of the Efficient BD-II Group Key Exchange Protocol

Speaker: Yvo Desmedt
Date, Time: Fri, 13 Jul 2007 11:00

While the work by Burmester-Desmedt (I) at Eurocrypt 1994 is well known, their work published in 1997 (BD-II) (presented at the Protocols Workshop, Cambridge in 1996) is unknown to most researchers. Some variants were reinvented, e.g. by Wong-Gouda-Lam, a paper heavily cited in the literature. The advantages of BD-II compared to BD-I are: (1) works in a broadcast/serial communication model, (2) BD-II is a compiler that can use any two party key exchange and transform it into a group key exchange protocol, (3) BD-II's computational and communication complexities are significantly lower. The security proof against a passive adversary is rather trivial.

The work on guaranteeing the authenticity in group key exchange protocols is the root of new research. However, the Katz-Yung compiler results in an inefficient variant of BD-II. Recently a variant has been presented of this compiler that does not affect the efficiency of BD-II.

In this presentation we survey some of the work published in these 10 years, compare BD-I and BD-II and explain how to deal with active attacks by outsiders. The last part is based on joint work with Tanja Lange and Mike Burmester and was presented at Financial Cryptography 2007.

Back to the top of this page