A Flexible Category-Based Collusion-Resistant Key Management Scheme for Multicast

  • Claudiu Duma
  • Nahid Shahmehri
  • Patrick Lambrix
Conference paper
Part of the IFIP — The International Federation for Information Processing book series (IFIPAICT, volume 122)


Current key management schemes for multicast provide either no resistance to collusion or perfect resistance to collusion. However, resistance to collusion is achieved at the expense of efficiency in terms of the number of transmissions and the number of keys that are used. We argue that applications may have certain assumptions regarding the users and their access to the multicast channel that may be used to provide a larger choice for balancing efficiency against resistance to collusion.

Starting from a user categorization, based on the accessibility to the multicast channel, we formalize the collusion requirement. Different user categorizations give different degrees of collusion resistance and we show that the existing work has focused on special cases of user categorizations. Further, we propose and evaluate a flexible key management strategy for the general case where the accessibility relation defines the order of exclusion of the categories. The theoretical and experimental results show that our scheme has good performance regarding transmissions and keys per controller.

Key words

multicast security key management collusion efficiency category-based 


  1. 1.
    R. Canetti, B. Pinkas, “A Taxonomy of Multicast Security Issues”, Internet Draft, 1998.Google Scholar
  2. 2.
    R. Canetti, T. Malkin, K. Nissim,“Eftïcient Communication-Storage Tradeoffs for Multicast Encryption”, Eurocrypt’99, 1999.Google Scholar
  3. 3.
    R. Canetti, J. Garey, G. Itkis, D. Micciancio, M. Naor, B. Pinkas, “Multicast security: A taxonomy and efficient constructions”, Infocom’99, March 1999.Google Scholar
  4. 4.
    I. Chang, R. Engel, D. Kandlur, D. Pendarakis, D. Saha, “Key Management for Secure Internet Multicast using Boolean Function Minimization Techniques”, IEEE Infocom’99, March 1999.Google Scholar
  5. 5.
    C. Duma, N. Shahmehri, P. Lambrix, “Efficient Storage Requirement for Category-Based Key Management for Multicast”, Internal Technical Report, Linköpings universitetet, Sweden, November 2002.Google Scholar
  6. 6.
    A. Fiat, M. Naor, “Broadcast encryption”, Crypto ‘82, Springer-Verlag LNCS 839, 1994, pp. 257–270.Google Scholar
  7. 7.
    L. Han, N. Shahmehri, “Secure Multicast Software Delivery”, 9 14 IEEE International Workshop on Enterprise Security (WET-ICE), June 2000.Google Scholar
  8. 8.
    L. Flan, Secure and Scalable E-Service Software Delivery, Licentiate Thesis No. 906, Linköpings universitetet, Sweden, September 2001.Google Scholar
  9. 9.
    H. Harney, C. Muckenhirn, “Group Key Management Protocol (GKMP)”, RFC 2093 and RFC 2094, July 1997.Google Scholar
  10. 10.
    M. Y. Li, R. Poovendran, C. Bernstain, “Optimisation of Key Storage for Secure Multicast”, Conference on Information Science and Systems 2001, March 2001.Google Scholar
  11. 11.
    D. A. McGrew, A. T. Sherman, “Key Establishment in Large Dynamic Groups Using One-Way Function Trees”, Technical Report No. 0755, TIS Labs at Network Associates, May 1998.Google Scholar
  12. 12.
    S. Mittra, “ lolus: A Framework for Scalable Secure Multicasting”, ACM SIGCOMM’97, 1997.Google Scholar
  13. 13.
    A. Peering, D. Song, J. D. Tyger, “ELK, a New Protocol for Efficient•Large-Group Key Distribution”, IEEE Security and Privacy Symposium 2001, May 2001.Google Scholar
  14. 14.
    S. Ratnasamy, S. McCanne, “Inference of Multicast Routing Trees and Bottleneck Bandwidths using End-to-End Measurements”, Infocom’99, March 1999.Google Scholar
  15. 15.
    M. Waldvogel, G. Caronni, D. Sun, N. Weiler, B Plattner, “The VersaKey Framework: Versatile Group Key Management”, IEEE Journal on Selected Areas in Communications, Vol. 17, No. 8, August 1999.Google Scholar
  16. 16.
    D. Wallner, E. Harder, R. Agee, “Key Management for Multicast: Issues and Architectures”, RFC 2627, June 1999.Google Scholar
  17. 17.
    C. K. Wong, M. Gouda, S. S. Lam, “Secure Group Communications Using Key Graphs, ACM SIGCOMM’98, 1998.Google Scholar
  18. 18.
    Y. R. Yang, S. S. Lam, “A Secure Group Key Management Protocol Communication Lower Bound”, The University of Texas at Austin, Department of Computer Sciences, Technical Report TR-00–24, September 2000.Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2003

Authors and Affiliations

  • Claudiu Duma
    • 1
  • Nahid Shahmehri
    • 1
  • Patrick Lambrix
    • 1
  1. 1.Department of Computer and Information ScienceLinköpings universitetetSweden

Personalised recommendations