Scalable key management for secure group communications

This dissertation presents a series of techniques that enable scalable group key management in large and dynamic groups with unreliable channels. These techniques can be deployed to support secure group communications in either wired networks or wireless networks. Although scalable group key management has been extensively studied, the issue of reliable key distribution was often overlooked. Without efficient reliability mechanisms, a group key manager could be easily overwhelmed by retransmission requests from group members which have experienced high packet losses. To address the above issue, this dissertation proposes a novel reliable key distribution protocol called Weighted Key Assignment and Batched Key Retransmission (WKA-BKR). Unlike the previous schemes which give every keying message equal redundancy for distribution, WKA-BKR exploits the notion that some keys are more important than others because they are needed by more members; as such, those more important keys receive higher degree of replication. We show through analysis and simulation that WKA-BKR outperforms the previous schemes over a wide range of settings. This dissertation also proposes two optimization techniques that reduce the communication cost of keytree-based group rekeying schemes. These techniques exploit the characteristics of group members such as membership duration and packet loss rate in organizing key trees. In addition, it includes an efficient construction that adds the self-healing property to a group rekeying scheme. The self-healing property allows a group member to recover a certain number of missing group keys on its own without asking a key server for retransmission, thus preventing the key server from becoming a performance bottleneck. This dissertation further proposes two efficient group key management protocols, one for ad hoc networks and the other for sensor networks. Ad hoc and sensor networks are wireless networks consisting of devices that are highly constrained in energy, bandwidth and computational capability. Since most of the prior group key management schemes were designed for multicast communications over IP, they cannot be directly employed for ad hoc and sensor networks. By exploiting the special properties of ad hoc and sensor networks that a node in these networks is both a member and a router, our protocols are significantly more efficient than the schemes adopted from those proposed for wired networks.