Performance optimizations for group key management schemes

Recently, many group key management approaches based on the use of logical key trees have been proposed to address the issue of scalable group rekeying that is needed to support secure communications for large and dynamic groups. In this paper, we present two optimizations for logical key tree organizations that utilize information about the characteristics of group members to further reduce the overhead of group rekeying. First, we propose a partitioned key tree organization that exploits the temporal patterns of group member joins and departures to reduce the overhead of rekeying. Using an analytic model, we show that our optimization can achieve up to 31.4% reduction in key server bandwidth overhead over the unoptimized scheme. Second, we propose an approach under which the key tree is organized based on the loss probabilities of group members. Our analysis shows this optimization can reduce the rekeying overhead by up to 12.1%.

[1]  Bobby Bhattacharjee,et al.  Scalable secure group communication over IP multicast , 2001, Proceedings Ninth International Conference on Network Protocols. ICNP 2001.

[2]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[3]  Dilip D. Kandlur,et al.  Key management for secure lnternet multicast using Boolean function minimization techniques , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[4]  Yang Richard Yang,et al.  Reliable group rekeying: a performance analysis , 2001, SIGCOMM 2001.

[5]  Alan T. Sherman,et al.  Key Management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization , 2000 .

[6]  Sushil Jajodia,et al.  A comparative performance analysis of reliable group rekey transport protocols for secure multicast , 2002, Perform. Evaluation.

[7]  Miki Yamamoto,et al.  Layered Multicast Group Construction for Reliable Multicast Communications , 1999, Networked Group Communication.

[8]  M. Handley An Examination of MBone Performance , 1997 .

[9]  Christopher McCubbin,et al.  Probabilistic Optimization of LKH-based Multicast Key Distribution Schemes , 2001 .

[10]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[11]  K. C. Almeroth,et al.  Multicast group behavior in the Internet's multicast backbone (MBone) , 1997 .

[12]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.

[13]  Pankaj Rohatgi,et al.  Maintaining Balanced Key Trees for Secure Multicast , 1999 .

[14]  Sushil Jajodia,et al.  Kronos: a scalable group re-keying approach for secure multicast , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[15]  Donald F. Towsley,et al.  A Comparison of Sender-Initiated and Receiver-Initiated Reliable Multicast Protocols , 1997, IEEE J. Sel. Areas Commun..

[16]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[17]  Dawn Xiaodong Song,et al.  ELK, a new protocol for efficient large-group key distribution , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.