Adding Reliable and Self-healing Key Distribution to the Subset Difference Group Rekeying Method for Secure Multicast

  • Sencun Zhu
  • Sanjeev Setia
  • Sushil Jajodia
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2816)


We study two important issues related to the Subset Difference Rekeying (SDR) method [4]. First, we present a reliable key distribution scheme, called WFEC-BKR, that enables members to receive the current group key in a reliable and timely fashion inspite of packet losses in the network. Through simulation, we show that in most scenarios, WFEC-BKR outperforms previously proposed schemes for reliable rekey transport. Second, we present a group key recovery scheme that adds the self-healing property to SDR, i.e., our scheme enables a member that has missed up to a certain number m of previous rekey operations to recover the missing group keys without asking the key server for retransmission. The additional communication overhead imposed by our key recovery scheme is quite small (less than 3m additional keys).


Packet Loss Bandwidth Overhead Parity Packet Subset Cover Membership Duration 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Balenson, D., McGrew, D., Sherman, A.: Key Management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization. IETF Internet draft (August 2000) (work in progress)Google Scholar
  2. 2.
    Briscoe, B.: MARKS: Zero Side Effect Multicast Key Management Using Arbitrarily Revealed Key Sequences. In: Rizzo, L., Fdida, S. (eds.) NGC 1999. LNCS, vol. 1736, pp. 301–320. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  3. 3.
    Chen, W., Dondeti, L.: Performance comparison of stateful and stateless group rekeying algorithms. In: Proc. of Fourth International Workshop on Networked Group Communication, NGC 2002 (2002) Google Scholar
  4. 4.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and Tracing Schemes for Stateless Receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  5. 5.
    Setia, S., Koussih, S., Jajodia, S.: Kronos: A Scalable Group Re-Keying Approach for Secure Multicast. In: Proc. of the IEEE Symposium on Security and Privacy, Oakland, CA (May 2000)Google Scholar
  6. 6.
    Staddon, J., Miner, S., Franklin, M., Balfanz, D., Malkin, M., Dean, D.: Self- Healing Key Distribution with Revocation. In: Proc. of the IEEE Symposium on Security and Privacy, oakland, CA (May 2002)Google Scholar
  7. 7.
    Setia, S., Zhu, S., Jajodia, S.: A Comparative Performance Analysis of Reliable Group Rekey Transport Protocols for Secure Multicast. Performance Evaluation 49(1/4), 21–41 (2002); special issue Proceedings of Performance 2002, Rome, Italy (September 2002)zbMATHCrossRefGoogle Scholar
  8. 8.
    Wong, C., Gouda, M., Lam, S.: Secure Group Communication Using Key Graphs. In: Proc. of SIGCOMM 1998, Vancouver, British Columbia, pp. 68–79 (1998)Google Scholar
  9. 9.
    Wallner, D., Harder, E., Agee, R.: Key Management for Multicast: Issues and Architecture. Internet Draft, draft-wallner-key-arch-01.txt (September 1998)Google Scholar
  10. 10.
    Yang, Y., Li, X., Zhang, X., Lam, S.: Reliable group rekeying: Design and Performance Analysis. In: Proc. of ACM SIGCOMM 2001, San Diego, CA, USA, pp. 27–38 (August 2001)Google Scholar
  11. 11.
    Zhu, S., Setia, S., Jajodia, S.: Performance Optimizations for Group Key Management Schemes. In: Proc. of the 23rd IEEE ICDCS 2003, Providence, RI (May 2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Sencun Zhu
    • 1
  • Sanjeev Setia
    • 1
  • Sushil Jajodia
    • 1
  1. 1.Center for Secure Information SystemsGeorge Mason UniversityFairfaxUSA

Personalised recommendations