Key Management for Secure Multicast Communications

Abstract

This dissertation considers the single sender, multiple receiver model of secure multicast communication. The goal is to develop schemes that have reduced computational overhead at the time of key generation, minimize the amount of message units required at the time of key updates, andminimize the number of keys to be stored by the sender as well as receivers.In order to achieve this goal, a key generation and distribution architecture based on rooted trees and control panels is proposed. A control panel is assumed to consist of mutually suspicious members who jointly generate the keys that are distributed to the rest of the members. Based on the assumption about the control panel, we provide a distributed key generation mechanism which allows a set of mutually suspicious members to contribute to the generation of a joint secret without revealing their individual contributions. The key distribution scheme presented considers the member revocation event and relates it to the key assignment of individual users. We define and show that the entropy of the member revocation event plays an important role in determining the number of keys assigned to a member. We claim that the number of keys allocated to a member based on the elementary concepts from information theory will also correspond to the minimum number of keys that need to be assigned to a member unless additional functional relationship among keys exists, since it "completely captures" the uncertainty of the member revocation event. We also identify some weaknesses in the recent schemes, and solvean open problem posed at Eurocrypt'99.