This paper proposes a group key distribution scheme with a user exclusion. The user exclusion is how to distribute an encryption key over a broadcast channel shared by n users so that all but d excluded users can get the group key. In the broadcast channel such as Pay-TV, Internet multicast and a mobile telecommunication for a group, a manager should exclude a dishonest user or an unauthorized terminal as soon as possible to protect the secrecy of the group communication. However, it takes a long time for the user exclusion on a large group, if the distributor distributes the group key to each user except the excluded one. We propose a scheme in which the amount of transmission and the key storage of each user do not depend on the number of users of the group. Moreover, our scheme does not require a fixed and privileged distributor.

This paper proposes a new concept of Interaction key. An interaction key is a group public key that corresponds to a shared key shared by multiple users, and it has a new feature that an interaction key generator can verify the following: the shared key has been generated now, and the shared key has not existed before. In other words, the multiple users can prove them to the key generator. This feature is different from Time-stamp technology proves that a message existed at a point in time. Here, the key generator is a third party that can observe communications of the multiple users. Present technology only allows a group member or a privileged entity to generate a group public key. We are not presently aware of a technology where a third party can generate the group public key as above. The interaction key technology is useful both for generating public key certificates and for message certification. In a certificate generation, a certificate authority can issue a public key certificate with the shared key (i.e. secret key) to be used by the multiple users. In a message certification, the users can prove the signed message has not existed before, since the message is signed by the shared key corresponds to the interaction key.

This paper proposes a user revocation scheme for decentralized networks. User revocation is a method to distribute a group decryption key that is shared by n users in a group so that all but d revoked users can obtain the key. In decentralized networks such as ad-hoc networks, mesh networks, and Peer to Peer (P2P) networks, a sender should revoke the access of a dishonest user or an unauthorized user as soon as possible to protect the security of group communication. However, if the sender distributes the group key to all users aside from the revoked user, it would take a long time to revoke a user in a large group. In addition, users must set shared group keys for each user without a privileged center. We propose a scheme in which the amount of transmission and the key storage of each user are small.