Key Management for Multicast: Issues and Architectures

Wallner, D.; Harder, Eric J.; Agee, R.

doi:10.17487/rfc2627

Cited by 801 publications

(707 citation statements)

References 6 publications

Supporting

Mentioning

681

Contrasting

Unclassified

Order By: Relevance

“…The ability to handle member revocation is modelled by allowing the adversary to corrupt members and obtain their secret keys. This formalization is general and captures the security notions of many multicast schemes such as those LKH schemes [3,4] which are based on symmetric key cryptography. However we note that in all the construction we introduce later, the secret keys of the revoked members constitute the actual encryption key.…”

Section: Notion Of Securitymentioning

confidence: 99%

How to Construct Multicast Cryptosystems Provably Secure Against Adaptive Chosen Ciphertext Attack

Duan

Canny

2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. In this paper we present a general framework for constructing efficient multicast cryptosystems with provable security and show that a line of previous work on multicast encryption are all special cases of this general approach. We provide new methods for building such cryptosystems with various levels of security (e.g., IND-CPA, IND-CCA2). The results we obtained enable the construction of a whole class of new multicast schemes with guaranteed security using a broader range of common primitives such as OAEP. Moreover, we show that multicast cryptosystems with high level of security (e.g. IND-CCA2) can be based upon public key cryptosystems with weaker (e.g. CPA) security as long as the decryption can be securely and efficiently "shared". Our constructions feature truly constant-size decryption keys whereas the lengths of both the encryption key and ciphertext are independent of group size.

show abstract

Section: Notion Of Securitymentioning

confidence: 99%

How to Construct Multicast Cryptosystems Provably Secure Against Adaptive Chosen Ciphertext Attack

Duan

Canny

2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…al. [27], which have each led to several derivative works. In the framework laid out above, both these works take a similar approach: They take a universe of an exponential (in n) number of decryption devices, and distribute them according to some scheme to the users.…”

Section: Introductionmentioning

confidence: 99%

“…As one might imagine, when given such a large number of decryption devices, it is quite simple to design distribution schemes which achieve the goals stated above. Indeed, [27] uses a simple balanced binary tree based scheme. By using such a large number of decryption keys, both [13] and [27] are in fact able to achieve stronger properties, for example the scheme of [27] can allow the number of excluded users k to be arbitrary, rather than fixed in advance.…”

Section: Introductionmentioning

confidence: 99%

Coding Constructions for Blacklisting Problems without Computational Assumptions

Kumar

Rajagopalan

Sahai³

1999

Advances in Cryptology — CRYPTO’ 99

127

View full text Add to dashboard Cite

Abstract. We consider the broadcast exclusion problem: how to transmit a message over a broadcast channel shared by N = 2 n users so that all but some specified coalition of k excluded users can understand the contents of the message. Using error-correcting codes, and avoiding any computational assumptions in our constructions, we construct natural schemes that completely avoid any dependence on n in the transmission overhead. Specifically, we construct: (i) (for illustrative purposes,) a randomized scheme where the server's storage is exponential (in n), but the transmission overhead is O(k), and each user's storage is O(kn); (ii) a scheme based on polynomials where the transmission overhead is O(kn) and each user's storage is O(kn); and (iii) a scheme using algebraic-geometric codes where the transmission overhead is O(k 2 ) and each user is required to store O(kn) keys. In the process of proving these results, we show how to construct very good cover-free set systems and combinatorial designs based on algebraic-geometric codes, which may be of independent interest and application. Our approach also naturally extends to solve the problem in the case where the broadcast channel may introduce errors or lose information.

show abstract

“…SIM-KM [6] is an efficient key management scheme to distribute and change keys as required [16] for secure group communication. While we provide a description of SIM-KM to show how asymmetric keys are used for multicast data protection the proposed authentication scheme may be used with any asymmetric multicast data protection scheme to provide multicast group authentication.…”

Section: Sim-kmmentioning

confidence: 99%

“…While we provide a description of SIM-KM to show how asymmetric keys are used for multicast data protection the proposed authentication scheme may be used with any asymmetric multicast data protection scheme to provide multicast group authentication. SIM-KM uses proxy encryptions [16] to split the multicast distribution tree into subgroups when needed. A re-key message combines the subgroups to form a single distribution tree.…”

Section: Sim-kmmentioning

confidence: 99%

Multicast Group Authentication

Mukherjee¹,

Atwood²

IFIP — The International Federation for Information Processing

View full text Add to dashboard Cite

Abstract.Multicast is an attractive mechanism for delivering data to multiple receivers over the Internet as it saves bandwidth. However the delivery of copyrighted data over the Internet requires it to be encrypted to render the data useless for eavesdroppers or illegal users. Authentication is necessary to ensure that the received packet is sent by the actual sender. Message integrity is necessary to ensure that the packet was not changed by an attacker while in transit. The network must be able to perform these tasks even if packets are dropped, rearranged, changed or injected into the stream. This paper presents an efficient scheme for multicast authentication and to check multicast message integrity when asymmetric keys are used to protect the data. The proposal is validated using SPIN, which uses PROMELA to design the validation model.

show abstract

Key Management for Multicast: Issues and Architectures

Cited by 801 publications

References 6 publications

How to Construct Multicast Cryptosystems Provably Secure Against Adaptive Chosen Ciphertext Attack

How to Construct Multicast Cryptosystems Provably Secure Against Adaptive Chosen Ciphertext Attack

Coding Constructions for Blacklisting Problems without Computational Assumptions

Multicast Group Authentication

Contact Info

Product

Resources

About