Many emerging applications are based on the group communication model, and many group communications, such as multimedia distribution and military applications, require a security infrastructure that provides multiple levels of access control for group members. The group members are divided into a number of subgroups and placed at different privilege levels based on certain criteria. A member at a higher level must be capable of accessing communication in its own level as well as its descendant lower levels, but not vice versa. In this paper we propose a key management scheme for this multilayer group communication. We achieve a substantial reduction in storage and encryption cost compared to the scheme proposed by Dexter et al. We also address periodic group rekeying. Applications like scientific discussion and project management may lead to a scenario in which it is necessary to set up multiple secure groups simultaneously, and a few members may be part of several secure groups. Managing group keys for simultaneous secure groups is critical. In this paper we propose a novel key management scheme for multiple simultaneous groups.
1. Introduction
Many emerging applications like secure audio and visual broadcasts, pay-per-view, scientific discussion, and teleconferencing are based on the group communication model. Several users participate in these applications, and multicast communication is an efficient means of distributing data to a large group of participants [1–3] since it reduces the demands on network and bandwidth resources. However, the communication among these participants must be carried out confidentially. Thus, a common key, known as the group key or secret key, must be established with all the users in the group, so that any group member can encrypt a message using this key and all others can decrypt the message using the same key. The group, being dynamic in nature, allows member join and leave events.
Efficiently managing the group key for large, dynamically changing groups is a difficult problem. Every time a new member joins the group, the group key must be changed in order to provide backward access control (i.e., new members should not be able to access past communication). Similarly, when a user leaves the group, the group key must be changed so that the leaving member cannot access future communication between the remaining group members; this is known as forward access control. This group key updating process is referred to as rekeying. The rekeying process involves changing the group key whenever there is a membership change and distributing it among
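Rekeying on join and leave, and the backward and forward access control it gives, as an added example that is not from the paper and is not the scheme it proposes. The `KeyServer` class, the `seal`/`unseal` helpers (a SHAKE-256 keystream with an HMAC-SHA256 tag, standing in for a real authenticated cipher) and the member names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def _xor(key, nonce, data):
    # SHAKE-256 keystream XOR (stand-in for a real authenticated cipher).
    pad = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, pad))

def seal(key, msg):
    nonce = os.urandom(16)
    ct = _xor(key, nonce, msg)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        return None  # wrong key or modified message
    return _xor(key, nonce, ct)

class KeyServer:
    def __init__(self):
        self.member_keys = {}            # member -> individual key shared with the server
        self.group_key = os.urandom(32)

    def join(self, name):
        old, self.group_key = self.group_key, os.urandom(32)
        mine = self.member_keys[name] = os.urandom(32)
        # "*": one multicast under the old group key; name: unicast to the joiner.
        return {"*": seal(old, self.group_key), name: seal(mine, self.group_key)}

    def leave(self, name):
        del self.member_keys[name]
        self.group_key = os.urandom(32)
        # The leaver knows the old group key, so wrap once per remaining member.
        return {m: seal(k, self.group_key) for m, k in self.member_keys.items()}

def demo():
    ks = KeyServer()
    ks.join("alice")
    past = seal(ks.group_key, b"sent before bob joined")    # constructed sample traffic
    rekey = ks.join("bob")
    bob_gk = unseal(ks.member_keys["bob"], rekey["bob"])
    backward = unseal(bob_gk, past)       # None: the joiner cannot read past traffic
    rekey = ks.leave("bob")
    future = seal(ks.group_key, b"sent after bob left")
    forward = unseal(bob_gk, future)      # None: the leaver cannot read future traffic
    alice_gk = unseal(ks.member_keys["alice"], rekey["alice"])
    return backward, forward, unseal(alice_gk, future)
```

In this baseline a leave costs one wrapped key per remaining member, which is the cost that grows with group size.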
References
[1] L. R. Dondeti, S. Mukherjee, and A. Samal, “Survey and comparison of secure group communication protocols,” Tech. Rep., University of Nebraska-Lincoln, 1999.
[2] T. Hardjono and G. Tsudik, “IP multicast security: issues and directions,” Annales De Taleum, vol. 55, no. 7, pp. 324–340, 2000.
[3] M. J. Moyer, J. R. Rao, and P. Rohatgi, “A Survey of security issues in multicast communications,” IEEE Network, vol. 13, no. 6, pp. 12–23, 1999.
[4] Y. Amir, Y. Kim, C. Nita-Rotaru, J. L. Schultz, J. Stanton, and G. Tsudik, “Secure group communication using robust contributory key agreement,” IEEE Transactions on Parallel and Distributed Systems, vol. 15, no. 5, pp. 468–480, 2004.
[5] Y. Amir, C. Danilov, M. Miskin-Amir, J. Schultz, and J. Stanton, “The spread toolkit: architecture and performance,” Tech. Rep. CNDS-2004-1, Johns Hopkins University, 2004.
[6] M. Waldvogel, G. Caronni, D. Sun, N. Weiler, and B. Plattner, “The versakey framework: versatile group key management,” IEEE Journal on Selected Areas in Communications, vol. 17, no. 9, pp. 1614–1631, 1999.
[7] C. K. Wong, M. Gouda, and S. S. Lam, “Secure group communications using key graphs,” IEEE/ACM Transactions on Networking, vol. 8, no. 1, pp. 16–30, 2000.
[8] C. K. Wong, S. S. Lam, and Keystone, “A group key management service,” in Proceedings of International Conference on Telecommunications, Acapulco, Mexico, May 2000.
[9] D. A. McGrew and A. T. Sherman, “Key establishment in large dynamic groups using one-way function trees,” IEEE Transactions on Software Engineering, vol. 29, no. 5, pp. 444–458, 2003.
[10] S. Rafaeli and D. Hutchison, “A survey of key management for secure group communication,” ACM Computing Surveys, vol. 35, no. 3, pp. 309–329, 2003.
[11] C. Blundo, A. de Santis, A. Herzberg, S. Kutten, U. Vaccaro, and M. Yung, “Perfectly secure key distribution for dynamic conferences,” in Advances in Cryptology-CRYPTO'92, vol. 740 of Lecture Notes in Computer Science, pp. 471–486, 1993.
[12] S. M. Iolus, “A framework for scalable secure multicasting,” in Proceedings of the ACM SIGCOMM, vol. 27, pp. 277–288, ACM, New York, NY, USA, September 1997.
[13] A. Fiat and M. Naor, “Broadcast encryption,” in Proceedings of 13th Annual International Cryptology Conference (CRYPTO '93), D. R. Stinson, Ed., pp. 480–491, August 1993.
[14] A. T. Sherman and D. A. McGrew, “Key establishment in large dynamic groups using one-way function trees,” IEEE Transactions on Software Engineering, vol. 29, no. 5, pp. 444–458, 2003.
[15] D. Wallner, E. Harder, and R. Agee, “Key Management for Multicast: Issues and Architectures,” Request For Comments (Informational) 2627, Internet Engineering Task Force, June 1999.
[16] A. M. Eskicioglu and M. R. Eskicioglu, “Multicast security using key graphs and secret sharing,” in Proceedings of the Joint International Conference on Wireless LANS and Home Networks and Networking, pp. 228–241, Atlanta, Ga, USA, August 2002.
[17] A. M. Eskicioglu, S. Dexter, and E. J. Delp, “Protection of multicast scalable video by secret sharing: simulation results,” in Security and Watermarking of Multimedia Content V, Proceedings of SPIE, Santa Clara, Calif, USA, January 2003.
[18] H. R. Hassan, A. Bouabdallah, H. Bettahar, and Y. Challal, “An efficient key management algorithm for hierarchical group communication,” in Proceedings of the 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM '05), pp. 270–276, grc, September 2005.
[19] Y. Sun and K. J. R. Liu, “Scalable hierarchical access control in secure group communications,” in Proceedings of 23rd Annual Joint Conference of the IEEE Computer and Communication Societies (INFOCOM '04), March 2004.
[20] Y. Sun and K. J. R. Liu, “Multi-layer key management for secure multimedia multicast communications,” in Proceedings of International Conference on Multimedia and Expo (ICME '03), July 2003.
[21] S. Dexter, R. Belostotskiy, and A. M. Eskicioglu, “Multi-layer multicast key management with threshold cryptography,” in Proceedings of the Security, Steganography and Watermarking of Multimedia Content VI, San Jose, Calif, USA, January 2004.
[22] R. Aparna and B. B. Amberker, “Key management scheme for multi-layer secure group communication,” in Proceedings of the 1st International Conference on Communication Systems and Networks (COMSNETS '09), January 2009.
[23] R. Aparna and B. B. Amberker, “Key management scheme for multiple simultaneous secure group communication,” in Proceedings of the IEEE International Conference on Internet Multimedia Services Architecture and Applications (IMSAA '09), December 2009.