A survey of key management for secure group communication

Group communication can use IP multicast to exchange messages scalably. The challenge is controlling access to the transmitted data effectively: IP multicast by itself provides no mechanism for preventing non-group members from accessing the group communication. Although encryption can protect messages exchanged among group members, distributing the cryptographic keys becomes an issue. Researchers have proposed several different approaches to group key management, which can be divided into three main classes: centralized group key management protocols, decentralized architectures, and distributed key management protocols. This survey describes the three classes and gives insight into their features and goals. It then surveys the area of group key management and classifies the proposed solutions according to those characteristics.
