Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Constant-Round Group Key Exchange from the Ring-LWE Assumption



Daniel C. Apon, Dana Dachman-Soled, Huijing Gong, Jonathan Katz


Group key-exchange protocols allow a set of N parties to agree on a shared, secret key by communicating over a public network. A number of solutions to this problem have been proposed over the years, mostly based on variants of Diffie-Hellman (two-party) key exchange; to the best of our knowledge, however, there has been almost no work looking at candidate post-quantum group key-exchange protocols. Here, we propose a constant-round, scalable protocol for unauthenticated group key exchange (i.e., with security against a passive eavesdropper) based on the hardness of the Ring-LWE problem. By applying the Katz-Yung compiler using any post-quantum signature scheme, we obtain a (scalable) protocol for authenticated group key exchange with post-quantum security. Our protocol is constructed by generalizing the Burmester-Desmedt protocol to the Ring-LWE setting, which requires addressing several technical challenges.
Proceedings Title
The Tenth International Conference on Post-Quantum Cryptography
Conference Dates
May 8-10, 2019
Conference Location
Chongqing, -1
Conference Title


Ring Learning With Errors, Group Key-Exchange
Created July 14, 2019, Updated September 11, 2019