Key Management for Secure Multicast Communications
Related papers
Key management for secure multicast communication: A survey
2013 National Security Days (JNS3), 2013
Providing key management schemes for large scale multicast groups has become an important problem due to many potential commercial applications such as stock quote and software distribution on the Internet. For secure multicast communication, all the group members have to share a common session key.
Multicast Security Using Key Graphs and Secret Sharing
Networks - The Proceedings of the Joint International Conference on Wireless LANs and Home Networks (ICWLHN 2002) and Networking (ICN 2002), 2002
Multicast communication is increasingly used in applications where the volume of network traffic needs to be minimized. Security of the packets delivered from a source to a large group of receivers presents one of the most challenging research problems for the network architecture. A majority of the proposals for scalable secure multicasting make use of hierarchical key distribution trees. The Centralized Tree-Based Key Management scheme assigns a unique key to each of the nodes in a member's path to the root. The group key is used by a central server to encrypt multicast data until a member joins or leaves the group. For multicast applications such as pay-per-view where the content has very high value, the group key may need to change frequently. In this paper, we introduce a new approach based on secret sharing in which the server assigns unique secret shares to the nodes in the distribution tree. Our proposal is a prepositioned shared secret scheme that allows the reconstruction of different keys by communicating different activating shares for the same prepositioned information, i.e., the shares stored at the key nodes in the tree.
icn2002.doc submitted to World Scientific : 5/31/2002 : 11:09 AM
• securely rekeying the members when a member leaves the group (forward access control),
• minimizing the storage, communication and computation requirements of the participants.
Asymptotically Optimal Tree-based Group Key Management Schemes
Computing Research Repository, 2005
In key management schemes that realize secure multicast communications encrypted by group keys on a public network, tree structures are often used to update the group keys efficiently. Selcuk and Sidhu have proposed an efficient scheme which updates dynamically the tree structures based on the withdrawal probabilities of members. In this paper, it is shown that Selcuk-Sidhu scheme is
Efficient Group Key Management Schemes for Multicast Dynamic Communication Systems
eprint.iacr.org
Key management in multicast dynamic groups, where users can leave or join at their ease, is one of the most crucial and essential parts of secure communication. Various efficient management strategies have been proposed during the last decade that aim to decrease encryption costs and transmission overheads. In this report, two different types of key management schemes are proposed. The first proposed scheme is based on One-way function tree (OFT).
Efficient Key Generation for Multicast Groups Based on Secret Sharing
International Journal of Engineering Research and Applications, 2010
Secure multicast represents the core component of many web and multimedia applications such as pay TV, teleconferencing, real-time distribution of stock market prices, etc. The main challenges for secure multicast are scalability, efficiency and authenticity. In this project, we propose a scalable, efficient, authenticated group key agreement scheme for large and dynamic multicast systems. The proposed key agreement scheme is identity-based which uses the bilinear map over the elliptic curves. Compared with the previously published schemes, our scheme provides group member authenticity without imposing extra mechanism. Furthermore, we give a scalability solution based on the subgroups, which has advantages over the existing schemes. Security analysis shows that our scheme satisfies both forward secrecy and backward secrecy.
Towards scalable key management for secure multicast communication
Information Technology And Control, 2012
Secure multicast communication allows a sender to deliver encrypted messages to a group of authorized receivers. A practical approach is that the sender uses a common key shared by the authorized receivers to encrypt the transmitted messages. The common key must be renewed to ensure forward/backward secrecy when group members leave/join the group, called the rekeying process. Thus, the rekeying problem is a critical issue for secure multicast communication. Many key management schemes have been proposed to improve the performance of the rekeying process. In 2010, Lin et al. proposed two key management schemes without the rekeying process. However, the transmission size required in their schemes increases linearly with the number of group members. In this article, we use the time-bound concept to propose two new key management schemes without the rekeying process. The point is that the required transmission size is constant. Performance analysis is given to demonstrate that our schemes have better performance as compared with the recently proposed key management schemes in terms of transmission size and computational cost. Under several security assumptions, we prove that the proposed schemes satisfy the requirements of secure multicast communication.
An information theoretic analysis of rooted-tree based secure multicast key distribution schemes
1999
Several variations of rooted tree based solutions have been recently proposed for member revocation in multicast communications. In this paper, we show that by assigning probabilities for member revocations, the optimality, correctness, and the system requirements of some of these schemes can be systematically studied using information theoretic concepts. Specifically, we show that the optimal average number of keys per member in a rooted tree is related to the entropy of the member revocation event. Using our derivations we show that (a) the key assignments in correspond to the maximum entropy solution, (b) and direct application of source coding will lead to member collusion (we present recently proposed solutions as examples of this) and a general criteria that admits member collusion. We also show the relationship between entropy of member revocation event and key length.
Fuel and Energy Abstracts
The Extended Euclidean algorithm provides a fast solution to the problem of finding the greatest common divisor of two numbers. In this paper, we present three applications of the algorithm to the security and privacy field. The first one allows one to privately distribute a secret to a set of recipients with only one multicast communication. It can be used for rekeying purposes in a Secure Multicast scenario. The second one is an authentication mechanism to be used in environments in which a public-key infrastructure is not available. Finally, the third application of the Extended Euclidean algorithm is a zero-knowledge proof that reduces the number of messages between the two parts involved, with the aid of a central server.
therefore being able to cope with smaller audiences than their distributed alternatives. On the other hand, key management is more complex in a distributed approach, usually involving entities that act as local subservers and manage subgroups of users, and requiring full or partial data re-encryption in some cases. Given that the scheme proposed in this paper belongs to the first kind, the following paragraphs review some well known centralized previous solutions.
Key management for restricted multicast using broadcast encryption
IEEE/ACM Transactions on Networking, 2000
The problem we address is how to communicate securely with a set of users (the target set) over an insecure broadcast channel. This problem occurs in two application domains: satellite/cable pay TV and the Internet MBone. In these systems, the parameters of major concern are the number of key transmissions and the number of keys held by each receiver. In the Internet domain, previous schemes suggest building a separate key tree for each multicast program, thus incurring a setup cost of at least log per program for target sets of size . In the pay-TV domain, a single key structure is used for all programs, but known theoretical bounds show that either very long transmissions are required, or that each receiver needs to keep prohibitively many keys.
Efficient Secure Multicast with Well-Populated Multicast Key Trees
2004
Secure group communications is the basis for many recent multimedia and web technologies. In order to maintain secure and efficient communications within a dynamic group, it is essential that the generation and management of group key(s) be secure and efficient with realtime response. Typically, a logical key hierarchy is used for distribution of group keys to users so that whenever users leave or join the group, new keys are generated and distributed using the key hierarchy. In this paper, we propose Well-Populated Multicast Key Tree (WPMKT), a new efficient technique to handle group dynamics in the key tree and maintain the tree balanced with minimal cost. In WPKT, sub-trees are swapped in a way that keeps the key tree balanced and well populated. At the same time, rekeying overhead due to reorganization is kept at a minimum. Another advantage of WPKT is that rebalancing has no effect on the internal key structure of the swapped sub-trees. Results from simulation studies show that under random user deletion, our approach achieves one order of magnitude in overhead less than existing approaches. Under clustered sequential user deletion, our approach achieves almost a linear growth with tree size under individual rebalancing. For periodic rebalancing, we achieved almost half the overhead introduced by other approaches.