A Distributed Shared Key Generation Procedure Using Fractional Keys

W e present a new class of distributed key generation and recovery algorithms suitable f o r group communication syst ems where the group membership is either static or slowly time-varying, and m u s t be tightly controlled. The proposed key generation approach allows entities which m a y have only partial trust in each other t o jointly generate a shared key without the aid of a n external third party. The shared key is generated using strong one-way function of the group parameter. This scheme also has perfect forward secrecy. The validity of key generation can be checked using verifiable secret sharing techniques. The key retrieval method does not require the keys t o be stored in a n external retrieval center. W e note that m a n y Internet-based applications m a y have these requirements. Fulfillment of these requirements is realized through the use of fractional keys-a distributed technique recently developed to enhance the security of distributed systems in a non-cryptographic manner.