Abstract
Secure multicast communication provides an efficient way to deliver data to a large group of recipients. Scalability, efficiency and authenticity are the key challenges for secure multicast. In this paper, we propose a novel group key agreement scheme called logical identity hierarchy(LIH) for multicast to support secure communications for large and dynamic groups, which is based on bilinear pairing. Compared with the previous tree-based schemes, LIH provides dual authentication between group controller(GC) and group members and hierarchical authentication among group members. GC and all the users do not need to execute any encryption/decryption process during the rekeying operation. Moreover, in LIH, the group members can be stateless receivers, who do not need to update their state during the protocol execution. Using a public board, GC does not need to multicast any rekeying message when a user joins/leaves the communication group. Security analysis shows that LIH satisfies both backward secrecy and forward secrecy.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Deering, S.E.: Multicast Routing in Internetworks and Extended LANs. In: Proceedings of the ACM SIGCOMM 1988, Stanford, California, pp. 55–64 (1988)
Deering, S.E.: Host Extensions for IP Multicasting. RFC 1112 (August 1989)
Deering, S.E., Estrin, D., Farinacci, D., Jacosen, V.: An Architecture for Wide-Area Multicasting. In: Proceedings of the ACM SIGCOMM 1994, London, pp. 126–135 (1994)
Lu, H.: A Novel High-Order Tree for Secure Multicast Key Management. IEEE Trans. Computers 54(2), 214–224 (2005)
Canetti, R., Garay, J., Itkis, G.: Multicast Security: A Taxonomy and Some Efficient constructions. In: Proc. of INFOCOM 1999, pp. 708–716 (1999)
Chang, I., Engel, R., Pendarakis, D., Saha, D.: Key management for Secure Internet Multicast Using Boolean Function Minimization Techniques. In: Proceedings of INFOCOM 1999, pp. 689–698 (1999)
Canetti, R., Malkin, T., Nissim, K.: Efficient Communication Storage Tradeoffs for Multicast Encryption. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 459–474. Springer, Heidelberg (1999)
Hardjono, T., Tsudik, G.: Ip Multicast Security: Issues and Directions. Annales de Telecom, pp. 324–340 (2000)
Micciancio, D., Panjwani, S.: Optimal Communication Complexity of Generic Multicast Key Distribution. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 153–170. Springer, Heidelberg (2004)
Steiner, M., Tsudik, G., Waidner, M.: Cliques: A new approach to group key agreement. IEEE Transactions on Distributed and Computing Systems, 380–387 (1998)
Wallner, D., Harder, E., Agee, R.: Key management for multicast: Issues and architectures. RFC 2627, Internet Engineering Task Force (June 1999)
Wong, C.K., Lam, S.: Secure Group Communications Using Key Graphs. In: Proceedings of SIGCOMM 1998, pp. 68–79 (1998)
Sherman, A.T., McGrew, D.A.: Key Establishment in Large Dynamic Groups Using One-Way Function Trees. IEEE Trans. Software Engineering 29(5), 444–458 (2003)
Kim, Y., Perrig, A., Tsudik, G.: Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups. In: 7th ACM Conference on Computer and Communications Security, pp. 235–244 (2000)
Dutta, R., Barua, R., Sarkar, P.: Provably Scure Authenticated Tree Based Key Agreement. In: López, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol. 3269, pp. 92–104. Springer, Heidelberg (2004)
Kim, Y., Perrig, A., Tsudik, G.: Tree-Based Group Key Agreement. ACM Transactions on Information and System Security 7(1), 60–96 (2004)
Perrig, A., Song, D., Tygar, J.D.: ELK, a New Protocol for Efficient Large Group Key Distribution. In: IEEE Symposium on Security and Privacy 2001, pp. 247–262 (2001)
Waldvogel, M., Caronni, G., Sun, D., Weiler, N., Plattner, B.: The VersaKey Framework: Versatile Group Key Management. IEEE Journal on Selected Areas in Communications 17(8), 1614–1631 (1999)
McGrew, D.A., Sherman, A.T.: Key Establishment in large Dynamic Groups Using One-Way Function Trees. Technical Report No.0755, TIS Labs at Network Associates, Inc., Glenwood, MD (May 1998)
Canetti, R., Halevi, S., Katz, J.: A Forward-Secure Public-Key Encryption Scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 255–271. Springer, Heidelberg (2003)
Boneh, D., Katz, J.: Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 87–103. Springer, Heidelberg (2005)
Canetti, R., Halevi, S., Katz, J.: Chosen-Ciphertext Security from Identity-Based Encryption. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 207–222. Springer, Heidelberg (2004)
Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Boneh, D., Boyen, X.: Efficient Selective-ID Secure Identity-Based Encryption Without Random Oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004)
Hess, F.: Efficient Identity Based Signature Schemes Based on Pairings. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 310–324. Springer, Heidelberg (2003)
Libert, B., Quisquater, J.J.: New Identity Based Signcryption Schemes from Pairing. Cryptology ePrint Archive, Report 2003/023, available at: http://eprint.iacr.org/2003/023
Lynn, B.: Authenticated Identity-Based Encryption, Cryptology ePrint Archive, Report 2002/072, available at: http://eprint.iacr.org/2003/023
Gentry, C., Silverberg, A.: Hierarchical ID-Based Cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)
Boyen, X.: Multipurpose Identity-Based Signcryption. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 383–399. Springer, Heidelberg (2003)
Barreto, P.S.L.M., Kim, H.Y., Scott, M.: Efficient Algorithms for Pairing-Based Cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)
Barreto, P.S.L.M., Lynn, B., Scott, M.: On the Selection of Pairing-Friendly Groups. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 17–25. Springer, Heidelberg (2004)
Steven, D.G., Harrison, K., Soldera, D.: Implementing the Tate Pairing. In: Fieker, C., Kohel, D.R. (eds.) ANTS 2002. LNCS, vol. 2369, pp. 324–337. Springer, Heidelberg (2002)
Blake, I., Seroussi, G., Smart, N.: Elliptic Curves in Cryptography. Cambridge Unversity Press, Cambridge (2001)
Choie, Y.J., Lee, E.: Implementation of Tate Pairing on Hyperelliptic Curves of Genus 2 ICISC 2003. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 97–111. Springer, Heidelberg (2004)
Miller, V.S.: The Weil Pairing and Its Efficient Calculation. Journal of Cryptology 17(4), 235–261 (2004)
Scott, M., Barreto, P.S.L.M.: Compressed Pairings. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 140–156. Springer, Heidelberg (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, L., Wu, CK. (2006). Authenticated Group Key Agreement for Multicast. In: Pointcheval, D., Mu, Y., Chen, K. (eds) Cryptology and Network Security. CANS 2006. Lecture Notes in Computer Science, vol 4301. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11935070_4
Download citation
DOI: https://doi.org/10.1007/11935070_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49462-1
Online ISBN: 978-3-540-49463-8
eBook Packages: Computer ScienceComputer Science (R0)