Abstract
We study the problem of multicasting encryption to some subsets of the privileged users and ensuring that only non-revoked users can decrypt the contents in the context of a single source multicast. We concentrate on large dynamic multicast group case with low-state users or stateless users. We propose a Practical Clumped-tree Multicast Encryption scheme (PCME) based on the idea of two-layer tree (container-tree and clumped-tree) and digital label method. The important feature of this scheme is the separation between the static container-tree and the dynamic clumped-tree. We regard a clumped-tree as an autonomous unit, and do not spread the information about revoked users in a clumped-tree to the container-tree. The separation also provides secure multicast channel for distinct GC to multicast completely different content and for any user to multicast encryption to any collection of intended subtrees. Let n be the number of privileged users. Group center, clumped-tree center and user each stores only n/29 –1, (212-1)/3+log(n/210)+1 and 6 keys independently with revocation cost being only 15 to revoke a user. Digital label method accelerates the collection of privileged subsets and the multicast of encryption, and any subtree or user can determine its size and relative position in the whole tree immediately from its digital label. The PCME scheme is truly realistic: even for an astronomical number of 256,000,000 stateless users, GC storage is less than 4 Mbytes, CC storage is less than 10K bytes, and user storage is less than 100 bytes, while for 512 revocations, message length is only 512. Except for efficiency, PCME scheme is fully scalable and it is resistant to adversarial coalitions of various sizes.
This work was partially supported by NSFC 60303026 and 60473020, SRFDP 20050248043, and also the Foundation of NLMC 51436040405JW0304.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Berkovits, S.: How to Broadcast a Secret. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 535–541. Springer, Heidelberg (1991)
Fiat, A., Naor, M.: Broadcast Encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)
Wong, C.K., Gouda, M., Lam, S.S.: Secure Group Communications Using Key Graphs. IEEE/ACM Transactions on Networking 8(1), 16–29 (2000)
Wallner, D.M., Harder, E.J., Agee, R.C.: Key Management for Multicast: Issues and Architectures. Internet draft draft-wallner-key-arch-01.txt (September 1998)
Naor, D., Naor, M., Lotspiech, J.: Revocation and Tracing Schemes for Stateless Receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)
Halevy, D., Shamir, A.: The LSD broadcast encryption scheme. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 47–60. Springer, Heidelberg (2002)
Gafni, E., Staddon, J., Yin, Y.L.: Efficient Methods for Integrating Traceability and Broadcast Encryption. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 372–387. Springer, Heidelberg (1999)
Canetti, R., Malkin, T., Nissim, K.: Efficient Communication–Storage Tradeoffs for Multicast Encryption. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 459–474. Springer, Heidelberg (1999)
Desmedt, Y., Wang, Y.: Perfectly Secure Message Transmission Revisited (Extended Abstract). In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 502–517. Springer, Heidelberg (2002)
Micciancio, D., Panjwani, S.: Optimal Communication Complexity of Generic Multicast Key Distribution. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 153–170. Springer, Heidelberg (2004)
Goodrich, M.T., Sun, J.Z., Tamassia, R.: Efficient Tree-Based Revocation in Groups of Low-State Devices. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 511–527. Springer, Heidelberg (2004)
Jho, N., Hwang, J.Y., Cheon, J.H., Kim, M.H., Lee, D.H., Yoo, E.S.: One-Way Chain Based Broadcast Encryption Schemes. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 559–574. Springer, Heidelberg (2005)
Chor, B., Fiat, A., Naor, M.: Tracing traitors. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 257–270. Springer, Heidelberg (1994)
Chor, B., Fiat, A., Naor, M., Pinkas, B.: Tracing traitors. IEEE Transactions on Information Theory 46(3), 893–910 (2000)
Chabanne, H., Phan, D.H., Pointcheval, D.: Public Traceability in Traitor Tracing Schemes. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 542–558. Springer, Heidelberg (2005)
Canetti, R., Garay, J., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast Security: A Taxonomy and Some Efficient Constructions. In: Proc. INFOCOM 1999, New York, NY, vol. 2, pp. 708–716 (March 1999)
Boneh, D., Durfee, G., Franklin, M.: Lower Bounds for Multicast Message Authentication. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 437–452. Springer, Heidelberg (2001)
Perrig, A., Canetti, R., Song, D., Tygar, J.D.: Efficient and Secure Source Authentication for Multicast. In: Proc. NDSS 2001, San Diego, pp. 1–12 (2001)
Wong, C.K., Lam, S.S.: Digital Signatures for Flows and Multicasts. IEEE/ACM Transactions on Networking 7(4), 502–513 (1999)
Jung, E., Liu, X.Y.A., Gouda, M.G.: Key Bundles and Parcels: Secure Communication in Many Groups. In: Stiller, B., Carle, G., Karsten, M., Reichl, P. (eds.) NGC 2003 and ICQT 2003. LNCS, vol. 2816, pp. 119–130. Springer, Heidelberg (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dong, L., Chen, K. (2006). A Practical Clumped-Tree Multicast Encryption Scheme. In: Chen, K., Deng, R., Lai, X., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2006. Lecture Notes in Computer Science, vol 3903. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11689522_16
Download citation
DOI: https://doi.org/10.1007/11689522_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33052-3
Online ISBN: 978-3-540-33058-5
eBook Packages: Computer ScienceComputer Science (R0)