Abstract
We focus on the problem of distributing key updates in secure dynamic groups. Due to changes in group membership, the group controller needs to change and distribute the keys used for ensuring encryption. However, in the current key management algorithms the group controller broadcasts these key updates even if only a subset of users need them. In this paper, we describe a key distribution algorithm for distributing keys to only those users who need them. Towards this end, we propose a descendent tracking scheme. Using our scheme, a node forwards an encrypted key update only if it believes that there are descendents who know the encrypting key. We also describe an identifier assignment algorithm which assigns closer logical identifiers to users who are physically close in the multicast tree. We show that our identifier assignment algorithm further improves the performance of our key distribution algorithm as well as that of a previous solution. Our simulation results show that a bandwidth reduction of upto 55% is achieved by our algorithms.
This work is partially sponsored by NSF CAREER 0092724, ONR grant N00014-01-1-0744, DARPA contract F33615-01-C-1901, and a grant from Michigan State University.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Wong, C.K., Gouda, M., Lam, S.S.: Secure group communications using key graphs. IEEE/ACM Transactions on Networking (2000)
Kulkarni, S.S., Bruhadeshwar, B.: Adaptive rekeying for secure multicast. IEEE/IEICE Special issue on Communications: Transactions on Communications E86-B(10), 2948–2956 (2003)
Wallner, D.M., Harder, E.J., Agee, R.C.: Key management for multicast: Issues and architectures. RFC 2627
McGrew, D., Sherman, A.: Key establishment in large dynamic groups using one-way function trees (Manuscript)
Harney, H., Muckenhirn, C.: Group key management protocol (GKMP) specification. In: RFC 2093 (July 1997)
Mittra, S.: Iolus: A framework for scalable secure multicasting. In: Proc. ACM SIGCOMM 1997, pp. 277–288 (1997)
Setia, S., Zhu, S., Jajodia, S.: A comparative performance analysis of reliable group rekey transport protocols for secure multicast. In: Performance Evaluation, special issue on the Proceedings of Performance 2002, Rome, Italy, vol. 49, pp. 21–41 (2002)
Yang, Y.R., Li, X.S., Zhang, X.B., Lam, S.S.: Reliable group rekeying: A performance analysis. In: Proceedings ACM SIGCOMM 2001, San Diego (August 2001)
Ballardie, A.J., Francis, P.F., Crowcroft, J.: Core based trees. In: Proceedings of the ACM SIGCOMM (October 1993)
Pusateri, T.: Distance vector multicast routing protocol. IETF Draft, update to RFC 1075, draft-ietf-idmr-dvmrp-v3-06.txt (June 1998)
Deering, S., et al.: Protocol independent multicast, sparse mode protocol: Specification. IETF Draft, work in progress (1995)
Deering, S., et al.: Protocol independent multicast (pim), dense mode protocol: Specification. IETF Draft, work in progress (1995)
Chu, Y.-H., Rao, S.G., Seshan, S., Zhang, H.: A case for end system multicast. IEEE Journal on Selected Areas in Communications 20(8), 1456–1471 (2002)
Zhang, B., Jamin, S., Zhang, L.: Host multicast: A framework for delivering multicast to end users. IEEE INFOCOM (March 2000)
Liebeherr, J., Nahas, M., Si, W.: Application-layer multicasting with delaunay triangulation overlays. IEEE Journal on Selected Areas in Communications 20(8), 1472–1488 (2002)
Di Pietro, Mancini, L.V., Law, Y.W., Etalle, S., Havinga, P.J.M.: Lkhw: A directed diffusion-based secure multicast scheme for wireless sensor networks. In: 32nd Int. Conf. on Parallel Processing Workshops (ICPP), October 2003, pp. 397–406 (2003)
Fenner, B., Casner, S.: A traceroute facility for ip multicast. Internet Draft (July 2000)
Ns. ucb/lbnl/vint network simulator - ns (version 2), http://www-mash.cs.berkeley.edu/ns
Gouda, M.G., Huang, C.-T., Elnozahy, E.N.: Key trees and the security of interval multicast. In: 22nd International Conference on Distributed Systems, pp. 467–468 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kulkarni, S.S., Bruhadeshwar, B. (2004). Distributing Key Updates in Secure Dynamic Groups. In: Ghosh, R.K., Mohanty, H. (eds) Distributed Computing and Internet Technology. ICDCIT 2004. Lecture Notes in Computer Science, vol 3347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30555-2_48
Download citation
DOI: https://doi.org/10.1007/978-3-540-30555-2_48
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24075-4
Online ISBN: 978-3-540-30555-2
eBook Packages: Computer ScienceComputer Science (R0)