On Self-Healing Key Distribution Schemes

Self-healing key distribution schemes allow group managers to broadcast session keys to large and dynamic groups of users over unreliable channels. Roughly speaking, even if during a certain session some broadcast messages are lost due to network faults, the self-healing property of the scheme enables each group member to recover the key from the broadcast messages he has received before and after that session. Such schemes are quite suitable in supporting secure communication in wireless networks and mobile wireless ad-hoc networks. Recent papers have focused on self-healing key distribution, and have provided definitions, stated in terms of the entropy function, and some constructions. The contribution of this paper is the following: We analyze current definitions of self-healing key distribution and, for two of them, we show that no protocol can achieve the definition. We show that a lower bound on the size of the broadcast message, previously derived, does not hold. We propose a new definition of self-healing key distribution, and we show that it can be achieved by concrete schemes. We give some lower bounds on the resources required for implementing such schemes, i.e., user memory storage and communication complexity. We prove that the bounds are tight

[1]  Dawn Xiaodong Song,et al.  ELK, a new protocol for efficient large-group key distribution , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[2]  Moni Naor,et al.  Digital signets: self-enforcing protection of digital information (preliminary version) , 1996, STOC '96.

[3]  Ran Canetti,et al.  Efficient Communication-Storage Tradeoffs for Multicast Encryption , 1999, EUROCRYPT.

[4]  Carlo Blundo,et al.  Space Requirements for Broadcast Encryption , 1994, EUROCRYPT.

[5]  Reihaneh Safavi-Naini,et al.  A Group Key Distribution Scheme with Decentralised User Join , 2002, SCN.

[6]  Donald W. Davies,et al.  Advances in Cryptology — EUROCRYPT ’91 , 2001, Lecture Notes in Computer Science.

[7]  Jessica Staddon,et al.  Sliding-window self-healing key distribution , 2003, SSRS '03.

[8]  Douglas R. Stinson,et al.  Key Preassigned Traceability Schemes for Broadcast Encryption , 1998, Selected Areas in Cryptography.

[9]  Reihaneh Safavi-Naini,et al.  Sequential Traitor Tracing , 2000, CRYPTO.

[10]  Douglas R. Stinson,et al.  Some New Results on Key Distribution Patterns and Broadcast Encryption , 1998, Des. Codes Cryptogr..

[11]  Alfredo De Santis,et al.  On the Size of Shares for Secret Sharing Schemes , 1991, CRYPTO.

[12]  Douglas R. Stinson,et al.  Generalized Beimel-Chor Schemes for Broadcast Encryption and Interactive Key Distribution , 1998, Theor. Comput. Sci..

[13]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[14]  G. R. Blakley,et al.  Safeguarding cryptographic keys , 1899, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[15]  Amos Fiat,et al.  Tracing traitors , 2000, IEEE Trans. Inf. Theory.

[16]  Jessica Staddon,et al.  Efficient Methods for Integrating Traceability and Broadcast Encryption , 1999, CRYPTO.

[17]  Sushil Jajodia,et al.  Adding Reliable and Self-healing Key Distribution to the Subset Difference Group Rekeying Method for Secure Multicast , 2003, Networked Group Communication.

[18]  Amos Fiat,et al.  Dynamic Traitor Tracing , 2001, Journal of Cryptology.

[19]  Adi Shamir,et al.  The LSD Broadcast Encryption Scheme , 2002, CRYPTO.

[20]  Reihaneh Safavi-Naini,et al.  A Secure Re-keying Scheme with Key Recovery Property , 2002, ACISP.

[21]  Amit Sahai,et al.  Coding Constructions for Blacklisting Problems without Computational Assumptions , 1999, CRYPTO.

[22]  Douglas R. Stinson,et al.  An explication of secret sharing schemes , 1992, Des. Codes Cryptogr..

[23]  Douglas R. Stinson,et al.  On Some Methods for Unconditionally Secure Key Distribution and Broadcast Encryption , 1997, Des. Codes Cryptogr..

[24]  Douglas R. Stinson,et al.  Fault Tolerant and DistributedBroadcast Encryption , 2003, CT-RSA.

[25]  Alfredo De Santis,et al.  On the size of shares for secret sharing schemes , 1991, Journal of Cryptology.

[26]  Miodrag J. Mihaljevic Key Management Schemes for Stateless Receivers Based on Time Varying Heterogeneous Logical Key Hierarchy , 2003, ASIACRYPT.

[27]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[28]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[29]  Tsutomu Matsumoto,et al.  A Quick Group Key Distribution Scheme with "Entity Revocation" , 1999, ASIACRYPT.

[30]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[31]  Douglas R. Stinson,et al.  An Application of Ramp Schemes to Broadcast Encryption , 1999, Inf. Process. Lett..

[32]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[33]  Avishai Wool,et al.  Long-Lived Broadcast Encryption , 2000, CRYPTO.

[34]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1998, Inf. Comput..

[35]  Jessica Staddon,et al.  Combinatorial properties of frameproof and traceability codes , 2001, IEEE Trans. Inf. Theory.

[36]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[37]  Jessica Staddon,et al.  Combinatorial Bounds for Broadcast Encryption , 1998, EUROCRYPT.

[38]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[39]  Reihaneh Safavi-Naini,et al.  New constructions for multicast re-keying schemes using perfect hash families , 2000, CCS.

[40]  Matthew K. Franklin,et al.  Self-healing key distribution with revocation , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[41]  Donggang Liu,et al.  Efficient self-healing group key distribution with revocation capability , 2003, CCS '03.

[42]  Alfredo De Santis,et al.  Design of Self-Healing Key Distribution Schemes , 2004, Des. Codes Cryptogr..

[43]  Axthonv G. Oettinger,et al.  IEEE Transactions on Information Theory , 1998 .

[44]  Birgit Pfitzmann,et al.  Trials of Traced Traitors , 1996, Information Hiding.

[45]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[46]  Dalit Naor,et al.  Broadcast Encryption , 1993, Encyclopedia of Cryptography and Security.

[47]  Douglas R. Stinson,et al.  Combinatorial Properties and Constructions of Traceability Schemes and Frameproof Codes , 1998, SIAM J. Discret. Math..

[48]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[49]  Benny Pinkas,et al.  Traitor Tracing , 2005, Encyclopedia of Cryptography and Security.