Minimizing center key storage in hybrid one-way function based group key management with communication constraints

We study the problem of designing a storage efficient secure multicast key management scheme based on one-way function trees (OFT) for a prespecified key update communication overhead. Canetti, Malkin and Nissim presented a hybrid model that divides a group of N members into clusters of M members and assigns each cluster to one leaf node of a key, tree. Using the model, we formulate a constrained optimization problem to minimize the center storage in terms of the cluster size M. Due to the monotonicity of the center storage with respect to M, we convert the constrained optimization into a fixed point equation and derive the optimal M* explicitly. We show that the asymptotic value of the optimal M*, given as µ + a-1/logea loge µ with µ = O(log N) and a being the degree of a key tree, leads to the mini real storage as O (N/logN), when the update communication constraint is given as O(log N). We present an explicit design algorithm that achieves minimal center storage for a given update communication constraint.

[1]  Wei-Chi Ku,et al.  An Improved Key Management Scheme for Large Dynamic Groups Using One-Way Function Trees , 2003, ICPP Workshops.

[2]  Ran Canetti,et al.  Efficient Communication-Storage Tradeoffs for Multicast Encryption , 1999, EUROCRYPT.

[3]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[4]  George Varghese,et al.  A lower bound for multicast key distribution , 2001, Proceedings IEEE INFOCOM 2001. Conference on Computer Communications. Twentieth Annual Joint Conference of the IEEE Computer and Communications Society (Cat. No.01CH37213).

[5]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[6]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[7]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 2000, TNET.

[8]  Alan T. Sherman,et al.  Key Establishment in Large Dynamic Groups Using One-Way Function Trees , 2003, IEEE Trans. Software Eng..

[9]  Patrick Lambrix,et al.  A hybrid key tree scheme for multicast to balance security and efficiency requirements , 2003, WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003..

[10]  Abdelmadjid Bouabdallah,et al.  A Hybrid Approach to Group Key Management , 2002 .

[11]  Alan T. Sherman,et al.  Key Management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization , 2000 .

[12]  Gwoboa Horng,et al.  Cryptanalysis of a Key Management Scheme for Secure Multicast Communications , 2002 .