The VersaKey framework: versatile group key management

Middleware supporting secure applications in a distributed environment faces several challenges. Scalable security in the context of multicasting or broadcasting is especially hard when privacy and authenticity is to be assured to highly dynamic groups where the application allows participants to join and leave at any time. Unicast security is well-known and has widely advanced into production state. But proposals for multicast security solutions that have been published so far are complex, often require trust in network components, or are inefficient. In this paper, we propose a framework of new approaches for achieving scalable security in IP multicasting. Our solutions assure that newly joining members are not able to understand past group traffic and that leaving members may not follow future communication. For versatility, our framework supports a range of closely related schemes for key management, ranging from tightly centralized to fully distributed, and even allows switching between these schemes on-the-fly with low overhead. Operations have low complexity [O(log N) for joins or leaves], thus granting scalability even for very large groups. We also present a novel concurrency-enabling scheme, which was devised for fully distributed key management. In this paper, we discuss the requirements for secure multicasting, present our flexible system, and evaluate its properties based on the existing prototype implementation.

[1]  Mark Handley,et al.  Network text editor (NTE): A scalable shared text editor for the MBone , 1997, SIGCOMM '97.

[2]  Gene Tsudik,et al.  Cliques: a protocol suite for key agreement in dynamic groups , 1997 .

[3]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Specification , 1997, RFC.

[4]  Ashar Aziz,et al.  SKIP-securing the Internet , 1996, Proceedings of WET ICE '96. IEEE 5th Workshop on Enabling Technologies; Infrastucture for Collaborative Enterprises.

[5]  Ran Canetti,et al.  A taxonomy of multicast security issues (temporary version) , 1998 .

[6]  Hideki Imai,et al.  On the Key Predistribution System: A Practical Solution to the Key Distribution Problem , 1987, CRYPTO.

[7]  Ronald Cramer,et al.  A secure and optimally efficient multi-authority election scheme , 1997, Eur. Trans. Telecommun..

[8]  Nathalie Weiler,et al.  WaveVideo – An integrated approach to adaptive wireless video , 1999, Mob. Networks Appl..

[9]  Hilarie K. Orman,et al.  The OAKLEY Key Determination Protocol , 1997, RFC.

[10]  Andrew S. Grimshaw,et al.  The Legion vision of a worldwide virtual computer , 1997, Commun. ACM.

[11]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 2000, TNET.

[12]  ZHANGLi-xia,et al.  A reliable multicast framework for light-weight sessions and application level framing , 1995 .

[13]  Angelo R. Bobak Distributed and multi-database systems , 1993 .

[14]  W. Douglas Maughan,et al.  Internet Security Association and Key Management Protocol (ISAKMP) , 1998, RFC.

[15]  Germano Caronni Dynamic security in communication systems , 1999 .

[16]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[17]  Steven McCanne,et al.  A reliable multicast framework for light-weight sessions and application level framing , 1995, SIGCOMM '95.

[18]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[19]  Deborah Estrin,et al.  RSVP: a new resource ReSerVation Protocol , 1993 .

[20]  Dan Harkins,et al.  The Internet Key Exchange (IKE) , 1998, RFC.

[21]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Architecture , 1997, RFC.

[22]  Suvo Mittra,et al.  Iolus: a framework for scalable secure multicasting , 1997, SIGCOMM '97.

[23]  Kang G. Shin,et al.  Adaptive packet marking for providing differentiated services in the Internet , 1998, Proceedings Sixth International Conference on Network Protocols (Cat. No.98TB100256).

[24]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.

[25]  Michael R. Macedonia,et al.  MBone provides audio and video across the Internet , 1994, Computer.

[26]  D. Estrin,et al.  RSVP: a new resource reservation protocol , 1993, IEEE Communications Magazine.

[27]  R CheritonDavid,et al.  Multicast routing in datagram internetworks and extended LANs , 1990 .

[28]  Bernhard Plattner,et al.  Efficient security for large and dynamic multicast groups , 1998, Proceedings Seventh IEEE International Workshop on Enabling Technologies: Infrastucture for Collaborative Enterprises (WET ICE '98) (Cat. No.98TB100253).

[29]  Yvo Desmedt,et al.  Efficient and Secure Conference-Key Distribution , 1996, Security Protocols Workshop.

[30]  Steven McCanne,et al.  A Distributed Whiteboard for Network Conferencing , 1992 .

[31]  Stephen E. Deering,et al.  Multicast routing in datagram internetworks and extended LANs , 1990, TOCS.

[32]  Nathalie Weiler,et al.  The VersaKey framework: versatile group key management , 1999, IEEE J. Sel. Areas Commun..

[33]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.

[34]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[35]  Tony Ballardie,et al.  Scalable Multicast Key Distribution , 1996, RFC.

[36]  Wen-Tsuen Chen,et al.  Secure Broadcasting Using the Secure Lock , 1989, IEEE Trans. Software Eng..

[37]  Stephen E. Deering,et al.  Distance Vector Multicast Routing Protocol , 1988, RFC.

[38]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.