De-centralized Multicast Key Management Scheme

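【Abstract】 This paper presents a new de-centralized multicast key management scheme. The main idea is introduced and its advantages and disadvantages are analyzed. The scheme is scalable and cost-effective to re-key. It solves the problem of low data-transmission efficiency caused by multiple encryptions/decryptions when data is transmitted among different subgroups in existing de-centralized schemes. Forward/backward secrecy is also guaranteed.

【Key words】 Multicast; Key management; Re-key; De-centralized

Multicast is being applied more and more widely, and secure multicast communication has become a current research focus; multicast key management is an important problem that secure multicast must solve. In multicast communication, group membership changes dynamically, and members can join or leave the multicast group without restriction. To keep multicast secure, the group key must be updated promptly whenever a member joins or leaves, so that the group achieves forward/backward access control security. When the multicast group is large and its membership changes frequently, the volume of key updates is also large and system efficiency drops; key management schemes for large multicast groups must therefore be scalable.

Current solutions to multicast key management can broadly be divided into centralized management, distributed management, and de-centralized (hierarchical, subgroup-based) management. The de-centralized approach combines the advantages of the first two and scales fairly well, but the existing solutions are not mature: they suffer from problems such as high data-transmission cost and poor forward/backward security.

This paper proposes a new de-centralized multicast key management scheme. First, a core tree is constructed among the group members, and the core nodes on the core tree share the data encryption key. Each core node forms a subtree with the other members in its region, and they share a subtree key. When the membership of a subtree changes, only that subtree's key needs to be updated and other subtrees are unaffected, which lowers the re-key cost. When the multicast group has many members, keys are updated in batches, which lowers the re-key cost further while still guaranteeing forward/backward security. When data is transmitted between different subgroups, only the core nodes need to perform a single encryption/decryption operation, which greatly reduces the cost of data transmission.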
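The subtree re-keying and batch update described above can be modelled as follows. This is an added example, not code from the paper. It assumes each member shares a pairwise key with its core node and that the new subtree key is delivered wrapped under that pairwise key (the abstract does not specify the delivery mechanism); the names Subtree, wrap and demo are hypothetical, and the cross-subgroup data path is not modelled.

```python
import hashlib, hmac, secrets

def wrap(kek, key, nonce):
    # Illustrative key wrap: XOR with an HMAC-SHA256 pad. Use AES key wrap or an AEAD in practice.
    pad = hmac.new(kek, nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(key, pad))

unwrap = wrap  # the XOR pad is its own inverse

class Subtree:
    """One core node and the members of its region, sharing a subtree key."""
    def __init__(self):
        self.member_keys = {}  # member id -> pairwise key with the core node (assumed)
        self.subtree_key = secrets.token_bytes(32)
        self.joins, self.leaves, self.rekeys = {}, set(), 0

    def request_join(self, member):
        self.joins[member] = secrets.token_bytes(32)
        return self.joins[member]

    def request_leave(self, member):
        self.leaves.add(member)

    def batch_rekey(self):
        """Apply every queued join/leave, then issue ONE new subtree key."""
        for m in self.leaves:
            self.member_keys.pop(m, None)
        self.member_keys.update(self.joins)
        self.joins, self.leaves = {}, set()
        self.subtree_key = secrets.token_bytes(32)
        self.rekeys += 1
        nonce = secrets.token_bytes(16)
        # One wrapped copy per current member; leavers receive nothing they can open.
        return nonce, {m: wrap(k, self.subtree_key, nonce) for m, k in self.member_keys.items()}

def demo():
    a, b = Subtree(), Subtree()  # constructed sample: two subtrees, members a1..a4
    keys = {m: a.request_join(m) for m in ("a1", "a2", "a3")}
    a.batch_rekey()
    old_a, old_b, base = a.subtree_key, b.subtree_key, a.rekeys
    a.request_leave("a2"); a.request_leave("a3")  # three membership changes queued
    keys["a4"] = a.request_join("a4")
    nonce, msgs = a.batch_rekey()
    return {
        "recipients": sorted(msgs),
        "members_recover_key": all(unwrap(keys[m], msgs[m], nonce) == a.subtree_key for m in msgs),
        "leaver_locked_out": "a2" not in msgs and unwrap(keys["a2"], msgs["a1"], nonce) != a.subtree_key,
        "key_rotated": a.subtree_key != old_a,  # a4 never held old_a (backward secrecy)
        "other_subtree_untouched": b.subtree_key == old_b and b.rekeys == 0,
        "rekeys_for_three_changes": a.rekeys - base,
    }

if __name__ == "__main__":
    print(demo())
```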
