A Scalable and Reliable Key Distribution Protocol for Multicast Group Rekeying

Scalable group rekeying is one of the important problems that needs to be addressed in order to support secure communications for large and dynamic groups. One of the challenging issues that arises in scalable group rekeying is the problem of delivering the updated keys to the members of the group in a reliable and timely manner. In this paper, we present a new scalable and reliable key distribution protocol for group key management schemes that use logical key hierarchies for scalable group rekeying. Our protocol, called WKA-BKR, is based upon two key ideas, weighted key assignment and batched key retransmission, both of which exploit the special properties of logical key hierarchies to reduce the overhead and increase the reliability of the key delivery protocol. We have evaluated the performance of our approach using detailed simulations. Our results show that for most network loss scenarios, the bandwidth used by our protocol is lower than that of previously proposed key delivery protocols.
