Research On Secure IP Multicast Communication Technology

IP multicast technology provides an effective transmission scheme for group applications. Limited support for security, traffic management and reliability restricts broad application of IP multicast technology. Among these security is a key factor. During multicast communication, the environment must provide confidentiality, integrity and source authentication protection. Furthermore, due to openness of IP multicast model, secure IP multicast environment must provide IP multicast member access control scheme to defend DoS attack.This paper make detailed research on most fields of secure IP multicast technology. The major works are as follow:1 Group key agreement is fit for dynamic peer multicast applications. Most of those algorithms are based on extension to DH key exchange protocol. By combined with thought of logical keys tree, a computation efficient distributed group key management scheme is presented in this paper. Compared with TGDH scheme which is currently the best one among those which are based on DH protocol, when a member joins into the group, new scheme reduces the modular exponential computation cost of the member which need the most modular exponential computation by 33%. If the leaving of a member does not result in unbalance of the logical keys tree, modular exponential computation is not needed in new scheme. Even the leaving of a member results in unbalance of the logical keys tree, new scheme reduces the modular exponential computation cost of the member which need the most modular exponential computation by 33% also.2 For one to many, few to many multicast applications, centralized group key manage algorithm is the best choice. By introducing XOR operation and one-way function chain technology, an improved centralized group key management algorithm based on logical keys tree is presented in this paper. New scheme reduces communication, computation and storage cost needed by group key updating.3 This paper makes comparison analysis on some kinds of typical multicast source authentication schemes. Based on digital signature and one-way function chain, a new scheme without delay is presented in this paper. Compared with others schemes, sender can generate source authentication data right away after application requests to send a message. After receiving a package, receivers can make verification right away. This scheme is the best choice of real time multicast applications.4 By introducing dual logical keys tree structure and access control key, the Gothic IP multicast receivers access control scheme is improved. The computation cost of access router is reduced and the trust relationship between group members and multicast routers is removed. IP multicast senders access control scheme based on dual logical keys tree is provided.5 Different multicast applications have different secure requirements. New multicast applications will have new secure requirements. Providing a steady secure IP multicast infrastructure is the key to meeting mutative secure requirements and different multicast environment. This paper makes detailed research on distributed secure IP multicast architecture based on policy management.