An efficient structure for LKH key tree on secure multicast communications

In order to communicate in cipher over IP multi-cast, each of joining and leaving participants causes renewing keys. Moreover, the number of renewed keys depends on the key management system. LKH, one of the key management systems, uses a tree structure to manage keys to share with participants. Every node of the tree is given a key, and each leaf of the tree is corresponding to a participant. If all members are handled equally, by using a balanced binary tree, the average number of renewed keys per join and leave is estimated at ⌈log2 n ⌉, where n denotes the number of participants. In this study, we introduce a scenario that the key management system can distinguish between inconstant members and stable members, instead of handling members equally. Under this scenario, our system improves the number of renewing keys efficiently by considering another tree structure against the balanced binary tree structure.

[1]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Architecture , 1997, RFC.

[2]  Xiulin Hu,et al.  A Survey of Group Key Management , 2008, 2008 International Conference on Computer Science and Software Engineering.

[3]  Stephen E. Deering,et al.  Host extensions for IP multicasting , 1986, RFC.

[4]  David Pisinger A Minimal Algorithm for the Bounded Knapsack Problem , 1995, IPCO.

[5]  David A. Huffman,et al.  A method for the construction of minimum-redundancy codes , 1952, Proceedings of the IRE.

[6]  W. Douglas Maughan,et al.  Internet Security Association and Key Management Protocol (ISAKMP) , 1998, RFC.

[7]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.

[8]  T. Sakamoto,et al.  Group key rekeying using the LKH technique and the Huffman algorithm , 2008, 2008 International Symposium on Information Theory and Its Applications.

[9]  Francisco Rico-Novella,et al.  Balanced batch LKH: new proposal, implementation and performance evaluation , 2003, Proceedings of the Eighth IEEE Symposium on Computers and Communications. ISCC 2003.

[10]  Tony Ballardie,et al.  Scalable Multicast Key Distribution , 1996, RFC.

[11]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[12]  Charlie Kaufman,et al.  Internet Key Exchange (IKEv2) Protocol , 2005, RFC.

[13]  Avishai Wool,et al.  Key management for restricted multicast using broadcast encryption , 2000, TNET.

[14]  David Meyer,et al.  IANA Guidelines for IPv4 Multicast Address Assignments , 2001, RFC.

[15]  Xiaozhou Li,et al.  Batch rekeying for secure group communications , 2001, WWW '01.

[16]  Stephen T. Kent,et al.  IP Authentication Header , 1995, RFC.

[17]  Ran Canetti,et al.  Multicast Security (MSEC) Group Key Management Architecture , 2005, RFC.

[18]  JongWon Kim,et al.  An efficient LKH tree balancing algorithm for group key management , 2006, IEEE Communications Letters.

[19]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[20]  Hilarie K. Orman,et al.  The OAKLEY Key Determination Protocol , 1997, RFC.

[21]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[22]  Dan Harkins,et al.  The Internet Key Exchange (IKE) , 1998, RFC.

[23]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 2000, TNET.

[24]  Randall J. Atkinson,et al.  IP Encapsulating Security Payload (ESP) , 1995, RFC.

[25]  Brian Weis,et al.  The Multicast Group Security Architecture , 2004, RFC.

[26]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Specification , 1997, RFC.

[27]  Kuan-Ta Chen,et al.  An analysis of WoW players' game hours , 2008, NETGAMES.