Scalable secure group communication over IP multicast
- 10 December 2002
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Journal on Selected Areas in Communications
- Vol. 20 (8), 1511-1527
- https://doi.org/10.1109/jsac.2002.803986
Abstract
We introduce and analyze a scalable rekeying scheme for implementing secure group communications Internet protocol multicast. We show that our scheme incurs constant processing, message, and storage overhead for a rekey operation when a single member joins or leaves the group, and logarithmic overhead for bulk simultaneous changes to the group membership. These bounds hold even when group dynamics are not known a priori. Our rekeying algorithm requires a particular clustering of the members of the secure multicast group. We describe a protocol to achieve such clustering and show that it is feasible to efficiently cluster members over realistic Internet-like topologies. We evaluate the overhead of our own rekeying scheme and also of previously published schemes via simulation over an Internet topology map containing over 280 000 routers. Through analysis and detailed simulations, we show that this rekeying scheme performs better than previous schemes for a single change to group membership. Further, for bulk group changes, our algorithm outperforms all previously known schemes by several orders of magnitude in terms of actual bandwidth usage, processing costs, and storage requirements.Keywords
This publication has 17 references indexed in Scilit:
- Improving Internet multicast with routing labelsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Heuristics for Internet map discoveryPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Revocation and Tracing Schemes for Stateless ReceiversLecture Notes in Computer Science, 2001
- Fault isolation in multicast treesPublished by Association for Computing Machinery (ACM) ,2000
- MARKS: Zero Side Effect Multicast Key Management Using Arbitrarily Revealed Key SequencesLecture Notes in Computer Science, 1999
- CrowdsACM Transactions on Information and System Security, 1998
- Protocol Independent Multicast-Sparse Mode (PIM-SM): Protocol SpecificationPublished by RFC Editor ,1998
- IolusPublished by Association for Computing Machinery (ACM) ,1997
- Group Key Management Protocol (GKMP) ArchitecturePublished by RFC Editor ,1997
- Core based trees (CBT)Published by Association for Computing Machinery (ACM) ,1993