**Scalable Compilers for Group Key Establishment : Two/Three Party to Group**

*S.Sree Vivek and S.Sharmila Deva Selvi, Deepanshu Shukla and C.Pandu Rangan*

**Abstract: **This work presents the first scalable, efficient and generic compilers to construct group key exchange (GKE) protocols from two/three party key exchange (2-KE/3-KE) protocols. We propose three different compilers where the first one is a 2-KE to GKE compiler (2-TGKE) for tree topology, the second one is also for tree topology but from 3-KE to GKE (3-TGKE) and the third one is a compiler that constructs a GKE from 3-KE for circular topology. Our compilers 2-TGKE and 3-TGKE are first of their kind and are efficient due to the underlying tree topology. For the circular topology, we design a compiler called 3-CGKE. 2-TGKE and 3-TGKE compilers require a total of $\mathcal{O}\left(n\lg n \right)$ communication, when compared to the existing compiler for circular topology, where the communication cost is $\mathcal{O}\left(n^2 \right)$. By extending the compilers 2-TGKE and 3-TGKE using the techniques in \cite{DLB07}, scalable compilers for tree based authenticated group key exchange protocols (2-TAGKE/3-TAGKE), which are secure against active adversaries can be constructed. As an added advantage our compilers can be used in a setting where there is asymmetric distribution of computing power. Finally, we present a constant round authenticated group key exchange (2-TAGKE) obtained by applying Diffie-Hellman protocol and the technique in \cite{DLB07} to our compiler 2-TGKE. We prove the security of our compilers in a stronger Real or Random model and do not assume the existence of random oracles.

**Category / Keywords: **Group Key Exchange, Compilers, Tree Based Group Key Exchange, Circular topology, Real or Random Model, Scalability.

**Date: **received 9 Mar 2009, last revised 8 Apr 2009

**Contact author: **ssreevivek at gmail com

**Available format(s): **Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

**Version: **20090409:035305 (All versions of this report)

**Short URL: **ia.cr/2009/115

[ Cryptology ePrint archive ]