Secure group communications using key graphs
Top Cited Papers
- 1 February 2000
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE/ACM Transactions on Networking
- Vol. 8 (1), 16-30
- https://doi.org/10.1109/90.836475
Abstract
Many emerging network applications are based upon a group communications model. As a result, securing group communications, i.e., providing confidentiality, authenticity, and integrity of messages delivered between group members, will become a critical networking issue. We present, in this paper, a novel solution to the scalability problem of group/multicast key management. We formalize the notion of a secure group as a triple (U,K,R) where U denotes a set of users, K a set of keys held by the users, and R a user-key relation. We then introduce key graphs to specify secure groups. For a special class of key graphs, we present three strategies for securely distributing rekey messages after a join/leave and specify protocols for joining and leaving a secure group. The rekeying strategies and join/leave protocols are implemented in a prototype key server we have built. We present measurement results from experiments and discuss performance comparisons. We show that our group key management service, using any of the three rekeying strategies, is scalable to large groups with frequent joins and leaves. In particular, the average measured processing time per join/leave increases linearly with the logarithm of group size.Keywords
This publication has 14 references indexed in Scilit:
- How To Broadcast A SecretPublished by Springer Science and Business Media LLC ,2007
- Proxy-based authorization and accounting for distributed systemsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Designing a distributed authorization servicePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Improving Internet multicast with routing labelsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Authenticated key distribution and secure broadcast using no conventional encryption: a unified approach based on block codesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- IolusACM SIGCOMM Computer Communication Review, 1997
- Enclaves: enabling secure collaboration over the InternetIEEE Journal on Selected Areas in Communications, 1997
- The KryptoKnight family of light-weight protocols for authentication and key distributionIEEE/ACM Transactions on Networking, 1995
- Secure broadcasting using the secure lockIEEE Transactions on Software Engineering, 1989
- Multicast routing in internetworks and extended LANsPublished by Association for Computing Machinery (ACM) ,1988