Key Bundels and Parcels: Secure Communication in Many Groups

We consider a system where each user is in one or more elementary groups. In this system, arbitrary groups of users can be specified using the operations of union, intersection, and complement over the elementary groups in the system. Each elementary group in the system is provided with a security key that is known only to the users in the elementary group and to the system server. Thus, for any user u to securely multicast a data item d to every user in an arbitrary group G, u first forwards d to the system server which encrypts it using the keys of the elementary groups that comprise G before multicasting the encrypted d to every user in G. Every elementary group is also provided with a key tree to ensure that the cost of changing the key of the elementary group, when a user leaves the group, is small. We describe two methods for packing the key trees of elementary groups into key bundles and into key parcels. Packing into key bundles has the advantage of reducing the number of encryptions needed to multicast a data item to the complement of an elementary group. Packing into key parcels has the advantage of reducing the total number of keys in the system. We apply these two methods to a class of synthetic systems: each system has 10000 users and 500 elementary groups, and each user is in 2 elementary groups on average. Simulations of these systems show that our proposals to pack key trees into key bundles and key parcels live up to their promises.

[1]  Gene Tsudik,et al.  Key Agreement in Dynamic Peer Groups , 2000, IEEE Trans. Parallel Distributed Syst..

[2]  Danny Dolev,et al.  The architecture and performance of security protocols in the ensemble group communication system: Using diamonds to guard the castle. , 2001 .

[3]  Li Gong,et al.  Multicast security and its extension to a mobile environment , 1995, Wirel. Networks.

[4]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[5]  Nathalie Weiler,et al.  The VersaKey framework: versatile group key management , 1999, IEEE J. Sel. Areas Commun..

[6]  Li Gong,et al.  Enclaves: Enabling Secure Collaboration Over the Internet , 1996, IEEE J. Sel. Areas Commun..

[7]  Qingyu Zhang,et al.  On rekey policies for secure group applications , 2003, Proceedings. 12th International Conference on Computer Communications and Networks (IEEE Cat. No.03EX712).

[8]  Sushil Jajodia,et al.  Kronos: a scalable group re-keying approach for secure multicast , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[9]  Danny Dolev,et al.  Optimized Group Rekey for Group Communications Systems , 1999 .

[10]  Tony Ballardie,et al.  Scalable Multicast Key Distribution , 1996, RFC.

[11]  Chin-Tser Huang,et al.  Key trees and the security of interval multicast , 2002, Proceedings 22nd International Conference on Distributed Computing Systems.

[12]  Michael T. Goodrich,et al.  Efficient Tree-Based Revocation in Groups of Low-State Devices , 2004, CRYPTO.

[13]  David K. Y. Yau,et al.  Distributed collaborative key agreement protocols for dynamic peer groups , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[14]  Xiaozhou Li,et al.  Reliable group rekeying: a performance analysis , 2001, SIGCOMM '01.

[15]  Xiaozhou Li,et al.  Batch rekeying for secure group communications , 2001, WWW '01.

[16]  Dilip D. Kandlur,et al.  Key management for secure lnternet multicast using Boolean function minimization techniques , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[17]  Suvo Mittra,et al.  Iolus: a framework for scalable secure multicasting , 1997, SIGCOMM '97.

[18]  Sandeep S. Kulkarni,et al.  Reducing the cost of the critical path in secure multicast for dynamic groups , 2002, Proceedings 22nd International Conference on Distributed Computing Systems Workshops.

[19]  George Varghese,et al.  A lower bound for multicast key distribution , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[20]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[21]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.