Conference key computing Clause Samples
Conference key computing each participant Ui does the following:
(a) Fault detection and exclusion: for each j ƒ= i, – Compute z = (u )x−1 mod p and verify whether (r ,s ) is the sig- nature of zj. j,i i j j – Verify NIPVS(g, y1, y2,... , ▇▇, ▇▇,▇, ▇▇,▇,... , ▇▇,▇). If both checkings are correct, add Uj to its honest participant set Ui.
(b) Compute the conference key: assume that Ui’s honest participant set Ui )x−1 is {Ui1 , Ui2 ,... , Uim }. Ui computes the conference key K = (u i1,i ui2,i im,i = gki1 +ki2 +···+▇▇▇ mod p. Note that only legal participants can verify whether (ri, si) is the signature of the subkey zi. This property is crucial to the proof of releasing no useful information in the random oracle model.
Conference key computing each participant Ui does the following:
(a) Fault detection and exclusion: for each j i, validate NIEQ(g, zj, Zj, Yj).If the validation does not hold, remove Uj from its honest participant set Ui and restart the protocol with the new honest participant set. is {U1, U2,... , Um}. Ui computes the conference key K = (zi−1)mki xi Y m−1Y m−2 ··· Y i−1Y i−2Y i−3 ··· Yi−2 mod p = gx1x2k1 k2 +x2x3k2k3 +···+xnx1knk1 mod p.