Multi-party Key-Exchange with Perfect Forward Secrecy

The paper proposes a multi-party key exchange scheme with Perfect Forward Secrecy (PFS) which ensures that a session key derived from a set of long-term public and private keys used in the protocol to authenticate, does not compromise the secrecy of session key. In this protocol, each group establishes connection by communicating through a trusted third party. The trusted party acts as a group controller generates a public key and broadcasts it among the groups. Each group generate their public keys and send to trusted party. After receiving all the keys the group controller shares it among all the parties to generate the session key. Similarly, each group manager of individual group communicates with the members of the corresponding group. The security of the proposed scheme is analysed rigorously and proved to be resistant against non-repudiation attack, replay attack, chosen cipher attack, man-in-the middle attack. The scheme has wider applications such as, sending encrypted e-mail in a military environment to multiple users, securing submitted bids information in online tender, contract signing by many organizations, etc.