in signed group key exchange, why do we need to sign a session id?

user206904

11/29/23, 7:06 PM

I have seen a few papers on (contributive) group key exchange where users create Keys and broadcast them so they can all contribute to the secret key. In order to protect against active attackers, several schemes use signature primitives.

They generate some sort of hashed session id, sign it with the message (via some method that I did not fully understand) and broadcast the outcome...

What I fail to understand and I am really curious to know is: why do we need such a complex mechanism? can't we just sign the broadcasted message directly?

Also in case some of the attackers are not only active (on the network) but insiders in the protocol (malicious), how do we prevent them from biasing the key?

Thanks

0 + 0

key-exchange

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: in signed group key exchange, why do we need to sign a session id?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.