Efficient private group communication over public networks
Private group communication is an essential requirement of many applications such as real-time stock quote distribution, secure multimedia conferencing, panel discussions and virtual private networks. We use encryption for privacy and multicasting for efficient group communication. Distribution of encryption keys to authorized members of a multicast group is the crux of the problem. Key distribution schemes must scale to groups of large sizes. When group membership changes, we need to change encryption keys and send them to current authorized members only. Efficient key distribution to a large and dynamic group is a formidable challenge. This dissertation provides a framework for private group communication on public networks.
Based on the number of senders, secure group communication can be classified as one-to-many, many-to-many and few-to-many communication. We propose three protocols for secure group communication, addressing each of these categories separately. We use distributed group management for efficient management of large and dynamic groups. Our protocols scale well to groups of large sizes. They distribute group management overhead evenly among all entities of a multicast group. We do not expose secret keys to third party entities in the public network. We prove the correctness of our protocols. We show that they are immune to collusions.
Simulation results further reinforce that our one-to-many and many-to-many protocols evenly distribute key management overhead among the entities of a multicast group. We select group membership traces of sizes varying from hundreds of members to thousands of members from past MBONE sessions for our simulations. The results show that our protocols scale well to large groups. As group size increases, our protocols perform better than other solutions in the literature. Our simulation of existing many-to-many protocols demonstrates that our protocol evenly distributes overhead among all senders, unlike other contemporary solutions which tend to overload a small subset of senders.