Cryptographic Technologies Group TIS Labs at Network Associates, Inc.
Abstract:
We present and analyze a new algorithm for establishing shared cryptographic keys in large, dynamically changing groups. Our algorithm is based on a novel application of one-way function trees. In comparison with previously published methods, our algorithm achieves a new minimum in the number of bits that need to be broadcast to members in order to re-key after a member is added or evicted. The number of keys stored by group members, the number of keys broadcast to the group when new members are added or evicted, and the computational efforts of group members, are logarithmic in the number of group members. Our algorithm provides complete forward and backwards security: newly admitted group members cannot read previous messages, and evicted members cannot read future messages, even with collusion by arbitrarily many evicted members. This algorithm offers a new scalable method for establishing group session keys for secure large-group applications such as electronic conferences, multicast sessions, and military command and control.
Citations
| 268 | Secure group communications using key graphs – Wong, Gouda, et al. - 1998 |
| 216 | Password authentication with insecure communication – Lamport - 1981 |
| 177 | Key management for multicast: Issues and architectures,” RFC 2627 – Wallner, Harder, et al. - 1999 |
| 131 | The S/Key One-Time Password System – Haller - 1994 |
| 104 | DiffieHellman key distribution extended to group communication – Steiner, Tsudik, et al. - 1996 |
| 95 | CLIQUES: A New Approach to Group Key Agreement – Steiner, Tsudik, et al. - 1997 |
| 63 | The MD5 Message-Digest Algorithm," RFC 1321 – Rivest - 1992 |
| 56 | Random mapping statistics – Flajolet, Odlyzko |
| 2 | Secrecy, authentication, and public-key cryptosystems – Merkle - 1979 |
| 1 | Yvo Desmedt, "A secure and efficient conference key distribution system – Burmester - 1994 |
| 1 | Moni Naor, "Broadcast encryption – Fiat - 1993 |
