Multi-User Security: A Signal Processing and Networking Perspective

Thumbnail Image


Trappe, W..pdf (2.11 MB)
No. of downloads: 36

Publication or External Link





The advancements in communication and multimedia technologies have paved the way for a new suite of multi-user applications that will allow users to interact. Although the new communication infrastructure makes it easier to reach the end user, it also makes it easier for adversaries to mount attacks against security measures intended to protect data. Thus, there must be mechanisms in place that guarantee the confidentiality and rights of both the customer and the service provider during the delivery of content across future communication networks. This thesis examines security issues related to communications involving more than two participants or adversaries. We approach the problem of multi-user security by developing security measures at different stages of the content distribution process, ranging from the establishment of initial keying information before transmission, to key management while delivering through networks, and finally to content protection and collusion prevention/tracing after delivery. We address the issue of establishing a group key prior to content delivery by introducing the butterfly scheme and a conference keying scheme that addresses user heterogeneity. These schemes employ the two-party Diffie-Hellman scheme in conjunction with an underlying algorithmic tree called the conference tree. In order to address client heterogeneity, we design the conference tree using source coding techniques to account for the different user cost and budget profiles. We also introduce the PESKY performance measure, which quantifies the likelihood that a conference key can be established in a heterogeneous environment. We then consider the problem of managing keys during content delivery by proposing a multicast key management system that uses a composite message format with member join and departure operations. Compared with the traditional format of the rekeying messages used in tree-based multicast key management, our composite message format reduces the amount of header information, while maintaining the same payload size. Finally, we address the issue of protecting the digital rights of multimedia content after it has left the protected or encrypted domain. Since traditional multimedia fingerprints are susceptible to collusion attacks made by a coalition of adversaries, we develop fingerprints for multimedia that are based upon code modulation and able to identify groups of colluders.