I am implementing a key distribution protocol described by Torben Pedersen in A Threshold Cryptosystem without a Trusted Party (EUROCRYPT'91). In the protocol, the $n$ parties distribute a public key for the ElGamal cryptosystem, where each party ends up with "part of" the private key and can work together to decrypt a message.
In the paper, Pedersen states that the parties all agree on the two primes $p$ and $q$, and the generator $g$ of $\mathbb{G}_{q}$. $h$ is then computed based on the individiual's choice of the private key $x_{i}$ (so that $h_{i} = g^{x_{i}}$ and $h = \prod_{i}^{n} h_{i}$).
If $p$ is sufficiently large, can the public parameters $p$, $q$, and $g$ be reused? It seems to me that if in each round of encryption, each party selects a new $x_{i}$, thus resulting in a new $h$, that the values of $p$, $q$, and $g$ can be persistent.
I ask this because finding a random safe prime of 1024 bits can be slow, and finding a generator of $\mathbb{G}_{q}$ can take a very long time. If these could be agreed upon well in advance and then reused, it makes the protocol more practical.
If $(p, q, g)$ can be reused, is this true for ElGamal in general?
