Abstract
We present a new approach to handling off-line members of a secure dynamic group, in which all group members share a secret key that is continuously changed to match current membership. Instead of re-negotiating keys when members go off-line or forcing direct interaction with the key manager, we propose a safe caching mechanism particularly suited to LKH (Logical Key Hierarchy) schemes. The basis of our approach is that, in many applications, members that come back on-line need to know only the current key, not all the intermediate keys negotiated while they were off-line. We have devised a compact representation for that purpose called the KHT (Key History Tree). A KHT is built using only publicly available information, so it can be safely replicated over the network, and its operation is transparent to clients and key managers. As an example of the benefits of our approach, we use a web-based subscription service that anonymizes customer interactions while enforcing membership payments. Extensive simulations show the advantage of our approach over more conventional schemes.
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lain, A., Borisov, V. (2003). Key History Tree: Efficient Group Key Management with Off-Line Members. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2003. Lecture Notes in Computer Science, vol 2776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45215-7_20
DOI: https://doi.org/10.1007/978-3-540-45215-7_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40797-3
Online ISBN: 978-3-540-45215-7
eBook Packages: Springer Book Archive