Abstract
We consider a system where each user is in one or more elementary groups. In this system, arbitrary groups of users can be specified using the operations of union, intersection, and complement over the elementary groups in the system. Each elementary group in the system is provided with a security key that is known only to the users in the elementary group and to the system server. Thus, for any user u to securely multicast a data item d to every user in an arbitrary group G, u first forwards d to the system server which encrypts it using the keys of the elementary groups that comprise G before multicasting the encrypted d to every user in G. Every elementary group is also provided with a key tree to ensure that the cost of changing the key of the elementary group, when a user leaves the group, is small. We describe two methods for packing the key trees of elementary groups into key bundles and into key parcels. Packing into key bundles has the advantage of reducing the number of encryptions needed to multicast a data item to the complement of an elementary group. Packing into key parcels has the advantage of reducing the total number of keys in the system. We apply these two methods to a class of synthetic systems: each system has 10000 users and 500 elementary groups, and each user is in 2 elementary groups on average. Simulations of these systems show that our proposals to pack key trees into key bundles and key parcels live up to their promises.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Gong, L.: Enclaves: Enabling secure collaboration over the internet. IEEE Journal of Selected Areas in Communications 15, 567–575 (1997)
Mittra, S.: Iolus: a framework for scalable secure multicasting. In: The Proceedings of the ACM SIGCOMM 1997, pp. 277–288. ACM Press, New York (1997)
Wallner, D.M., Harder, E.J., Agee, R.C.: Key management for multicast: Issues and architectures. RFC 2627 (1999)
Wong, C.K., Gouda, M., Lam, S.S.: Secure group communications using key graphs. IEEE/ACM Transactions on Networking (TON) 8, 16–30 (2000)
Steiner, M., Tsudik, G., Waidner, M.: Key agreement in dynamic peer groups. IEEE Transactions on Parallel and Distributed Systems 11, 769–780 (2000)
Gong, L., Shacham, N.: Multicast security and its extension to a mobile environment. Wireless Networks 1, 281–295 (1995)
Ballardie, A.: Scalable multicast key distribution. RFC 1949 (1996)
Chang, I., Engel, R., Kandlur, D.D., Pendarakis, D.E., Saha, D.: Key management for secure internet multicast using boolean function minimization techniques. In: The Proceedings of IEEE Infocom 1999, vol. 2, pp. 689–698 (1999)
Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)
Rodeh, O., Birman, K., Dolev, D.: The architecture and performance of security protocols in the ensemble group communication system: Using diamonds to guard the castle. ACM Transactions on Information and System Security (TISSEC) 4, 289–319 (2001)
Setia, S., Koussih, S., Jajodia, S., Harder, E.: Kronos: A scalable group re-keying approach for secure multicast. In: The Proceedings of IEEE Symposium on Security and Privacy (2000)
Waldvogel, M., Caronni, G., Sun, D., Weiler, N., Plattner, B.: The versakey framework: Versatile group key management. IEEE Journal on Selected Areas in Communications 17, 1614–1631 (1999)
Gouda, M.G., Huang, C.T., Elnozahy, E.: Key trees and the security of the interval multicast. In: The Proceedings of the 22nd International Conference on Distributed Computing Systems, pp. 467–468 (2002)
Li, X.S., Yang, Y.R., Gouda, M.G., Lam, S.S.: Batch rekeying for secure group communications. In: The Proceedings of the 10th international World Wide Web conference on World Wide Web, pp. 525–534. ACM Press, New York (2001)
Yang, Y.R., Li, X.S., Zhang, X.B., Lam, S.S.: Reliable group rekeying: a performance analysis. In: The Proceedings of the 2001 conference on applications, technologies, architectures, and protocols for computer communications, pp. 27–38. ACM Press, New York (2001)
Snoeyink, J., Suri, S., Varghese, G.: A lower bound for multicast key distribution. In: The Proceedings of IEEE Infocom 2001, pp. 667–675 (2001)
Jung, E., Liu, X.Y.A., Gouda, M.G.: Key bundles and parcels: Secure communication in many groups. Technical Report TR-03-21, Dept. of Computer Sciences, The University of Texas at Austin (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jung, E., Liu, XY.A., Gouda, M.G. (2003). Key Bundles and Parcels: Secure Communication in Many Groups. In: Stiller, B., Carle, G., Karsten, M., Reichl, P. (eds) Group Communications and Charges. Technology and Business Models. NGC ICQT 2003 2003. Lecture Notes in Computer Science, vol 2816. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39405-1_11
Download citation
DOI: https://doi.org/10.1007/978-3-540-39405-1_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20051-2
Online ISBN: 978-3-540-39405-1
eBook Packages: Springer Book Archive