Distributed Pseudo-Random Functions and KDCs

Moni Naor     Benny Pinkas    Omer Reingold


This work describes schemes for distributing between n servers the evaluation of a function f which is an approximation to a random function, such that only authorized subsets of servers are able to compute the function. A user who wants to compute f(x) should send x to the members of an authorized subset and receive information which enables him to compute f(x). We require that such a scheme is  consistent, i.e. that given an input x all authorized subsets compute the same value f(x).

The solutions we present enable the operation of many servers, preventing bottlenecks or single points of failure. There are also no single entities which can compromise the security of the entire network. The solutions can be used to distribute the operation of a Key Distribution Center (KDC). They are far better than the known partitioning to domains or replication solutions to this problem, and are especially suited to handle users of multicast groups.

Postscript , gzipped Postscript .


Back to: On-Line Publications
Back Home