Conference Keying — From Napier’s Logs to Elliptic Curves

Discrete logarithm methods -such as with Diffie-Hellman — are not efficient these days as the prime number often has 2,048 bits or more. We thus focus more on elliptic curve methods, and which are much faster. The basics of them is to convert g^x (mod p) into xG, and where G is the base point on a curve, and x is the scalar. We thus perform a point multiplication rather than an exponential. When it comes to a multiplication, such as g^x g^y (and which is equal to g^{x+y}), we perform a point addition, such as xG + yG (and which is equal to (x+y)G). And that’s it, just two core operations: a point multiplication, and a point addition. So let’s convert a method which was defined in discrete logs as an elliptic curve method. For this we will use a conference keying method, and which will allow a number of conference participants to share an encryption key.

Burmester-Desmedt conference keying method

With conference keying, we have t participants, and each of these generates a secret value (r_i), and then transmit a public value generated from this (Z_i). Each of the participants then uses these values, and their secret value, and will generate the same secret key (K_i). In the following, we will use the Burmester-Desmedt method [1], and have five participants, and with varying sizes of a shared…