Key management for secure lnternet multicast using Boolean function minimization techniques
- 1 January 1999
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- Vol. 2 (0743166X), 689-698 vol.2
- https://doi.org/10.1109/infcom.1999.751455
Abstract
The Internet provides no support for privacy or authentication of multicast packets. However, an increasing number of applications require secure multicast services in order to restrict group membership and enforce accountability of group members. A major problem associated with the deployment of secure multicast delivery services is the scalability of the key distribution protocol. This is particularly true with regard to the handling of group membership changes, such as member departures and/or expulsions, which necessitate the distribution of a new session key to all the remaining group members. As the frequency of group membership changes increases, it becomes necessary to reduce the cost of key distribution operations. This paper explores the use of batching of group membership changes to reduce the frequency, and hence the cost, of key re-distribution operations. It focuses explicitly on the problem of cumulative member removal and presents an algorithm that minimizes the number of messages required to distribute new keys to the remaining group members. The algorithm is used in conjunction with a new multicast key management scheme which uses a set of auxiliary keys in order to improve scalability. In contrast to previous schemes which generate a fixed hierarchy of keys, the proposed scheme dynamically generates the most suitable key hierarchy by composing different keys. Our cumulative member removal algorithm uses Boolean function minimization techniques, and outperforms all other schemes known to us in terms of message complexity.Keywords
This publication has 6 references indexed in Scilit:
- An architecture for residential Internet telephony serviceIEEE Internet Computing, 1999
- Secure group communications using key graphsACM SIGCOMM Computer Communication Review, 1998
- Core based trees (CBT)Published by Association for Computing Machinery (ACM) ,1993
- Bounds on the average number of products in the minimum sum-of-products expressions for multiple-value input two-valued output functionsIEEE Transactions on Computers, 1991
- Minimization of Boolean Functions*Bell System Technical Journal, 1956
- The map method for synthesis of combinational logic circuitsTransactions of the American Institute of Electrical Engineers, Part I: Communication and Electronics, 1953