Described are a method for generating a session key on demand in a network, a computer program element, a computer program product stored on a computer usable medium, and a computer device for executing the computer program product.

The method generates a session key sk on demand in a network among n participating network devices with up to a number t of faulty devices. Each participating network device sends and receives a series of messages and performs the steps of:

a) choosing a private and public key d_i, e_i according to a public key encryption scheme, and broadcasting the public key e_i to each participating network device;
b) choosing a local contribution value y_i from a multiplicative group G_q of size q;
c) in each case of receiving the public key e_j from one of the participating network devices, encrypting the local contribution value y_i under the received public key e_j to an encrypted contribution value y_ij and responding to that participating network device with the encrypted contribution value y_ij;
d) receiving encrypted contribution values y_ji and deriving decrypted contribution values y_j by applying the private key d_i;
e) deriving a blinded session key bsk_i from the decrypted contribution values y_j and the local contribution value y_i;
f) agreeing on one of the blinded session keys bsk_j by using an agreement protocol; and
g) deriving the session key sk from the agreed-on blinded session key bsk_j by applying one of the decrypted contribution values y_j and the contribution value y_i.