n-Party Public Key Cryptography
While 2-party public key cryptography is very well laid out in the .NET Framework, going n-party concerns me a lot. For instance, securing a two-party video-conference communication is quite easy:
1) Each party generates a session-specific RSA key pair and gets its public key signed by a trusted authority (i.e. a trusted server).
2) Each party exchanges keys using ECDiffieHellmanCng
thus the connection is now both authentic and secure (thinking that they use Vista/W7).
Now adding a 3rd participant to this communication will not work because key exchange algorithms are designed to derive a shared secret from 2 public keys only (especially using .NET and BouncyCastle). So the question is, how would you go about implementing an n-party public key cryptography scheme which is still authentic (i.e. resistant to man-in-the-middle attacks) and secure (i.e. secure from eavesdropping)?
Edit: Currently the ideas are as below, I'll go ahead and implement the most popular one as a part of the NBusy.Communicator library:
- Use a two-party communication scheme where one party acts as a federation server.
- Initiate a two-party communication and let one party authenticate third parties and share the secret/symmetric key.
- Use Multi-Party Key Agreement Scheme.
Edit2: I'm going with the "n-Party Diffie Hellman" algorithm, similar to the one described here but with some modifications: http://www.codeproject.com/KB/cs/diffy_helman.aspx
(Just thinking out loud)
You don't need a (complete) mesh of secure relations.
The point of the PK+Certificate is to distribute a symmetric key.
Any new participant only needs to establish identities with 1 existing node and can then get a copy of that symm key.
I believe the reason it has not been implemented yet is that there is no need for it. Most security schemes work on a point-to-point basis where there are two parties. If there are more than 2 parties, it is usually implemented as two two-party communications where one party works as a Federation.
It seems to me that a "Multi-Party Key Agreement Scheme" is also possible, but currently there don't seem to be many practical implementations using .NET/C#. Very neat academic (but very hard to implement) idea here from Giuseppe Ateniese (IEEE): Authenticated Multi-Party Key Agreement.
I've also come across a very neat article at CodeProject about 3-tier Diffie Hellman which can possibly be extended to n-party, as in my case: http://www.codeproject.com/KB/cs/diffy_helman.aspx
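A sketch of the ring-style n-party Diffie-Hellman idea discussed in this thread, as an added example: it is not the poster's code, not taken from the CodeProject article, and written in Python rather than C# so the arithmetic stays short. The names `Party`, `ring_agree` and `check_element` and the toy group parameters are assumptions; the forwarded values are unauthenticated here, so meeting the question's man-in-the-middle requirement would additionally need each value signed with the certified keys from step 1.

```python
import hashlib
import secrets

# Toy parameters (assumption): 2**127 - 1 is prime but far too small for real
# use; a deployment would use a standardised group such as those in RFC 3526.
P = 2**127 - 1
G = 3

def check_element(value):
    """Reject 0, 1, P-1 and out-of-range values, which would let whoever
    injected them force a key they can predict."""
    if not 1 < value < P - 1:
        raise ValueError("degenerate or out-of-range group element")
    return value

class Party:
    def __init__(self, name):
        self.name = name
        self._x = secrets.randbelow(P - 3) + 2  # private exponent in [2, P-2]

    def step(self, incoming):
        """Raise the value received from the ring predecessor to our exponent."""
        return pow(check_element(incoming), self._x, P)

def ring_agree(parties):
    """Run n-1 passes around the ring. Returns (one key per party, wire log)."""
    n = len(parties)
    held = [p.step(G) for p in parties]      # pass 1: party i sends g^x_i
    wire = list(held)                        # everything an eavesdropper sees
    for _ in range(n - 2):                   # passes 2 .. n-1
        held = [parties[i].step(held[i - 1]) for i in range(n)]
        wire.extend(held)
    # Last exponentiation stays local: g^(x_1 * ... * x_n) is never transmitted.
    shared = [parties[i].step(held[i - 1]) for i in range(n)]
    keys = [hashlib.sha256(s.to_bytes(16, "big")).digest() for s in shared]
    return keys, wire

if __name__ == "__main__":
    group = [Party(name) for name in ("alice", "bob", "carol", "dave")]
    keys, wire = ring_agree(group)
    print("all parties agree:", len(set(keys)) == 1)
    print("messages on the wire:", len(wire))   # n * (n - 1)
```

The message count grows as n * (n - 1), which is the practical cost of this approach compared with the thread's other option of one node handing an existing symmetric key to each newly authenticated participant.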