A secure fault-tolerant conference-key agreement protocol

Wen-Guey Tzeng*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

75 Scopus citations


When a group of people want to communicate securely over an open network, they run a conference-key protocol to establish a common conference key K such that all their communications thereafter are encrypted with the key K. In this paper, we propose a provably secure fault-tolerant conference-key agreement protocol under the authenticated broadcast channel model. We show that a passive adversary gets zero knowledge about the conference key established by the honest participants under the assumption of a variant Diffie-Hellman decision problem. We also show that the honest participants can agree on a common conference key no matter how many participants are malicious. Furthermore, we show that even if the broadcast channel is not authenticated, our protocol is secure against impersonators under the random oracle model.

Original languageEnglish
Pages (from-to)373-379
Number of pages7
JournalIEEE Transactions on Computers
Issue number4
StatePublished - 1 Apr 2002


  • Conference key
  • Fault tolerance
  • Provable security

Fingerprint Dive into the research topics of 'A secure fault-tolerant conference-key agreement protocol'. Together they form a unique fingerprint.

Cite this