Research On Distributed Key Management Protocols For Secure Group Communication

Posted on: 2006-12-02
Degree: Master
Type: Thesis
Country: China
Candidate: C Y Wei
Full Text: PDF
GTID: 2168360152494260
Subject: Computer application technology

Abstract/Summary:
Secure group communication systems have been an active research domain, in which the group key management scheme is the most challenging part. This paper focuses on key management protocols for multicast communication and dynamic peer group communication. Building on extensive study of the merits and drawbacks of existing group key management protocols, this paper tries to improve the existing mainstream schemes. Our protocols retain the merits of those existing schemes while making up for some deficiencies in their performance or security. There are three main contributions in this paper.

The first concerns key management protocols for multicast communications. Existing key management protocols for multicast groups are classified as centralized and distributed schemes, with the former suffering from the "one affecting N (many)" problem while the latter suffer from high overhead of decryption and re-encryption and from communication delays. This paper adopts a compromise between the two. On the basis of the secure multicast key management framework offered by Iolus, the representative distributed protocol, a new distributed group key management architecture is designed. In this architecture, the whole multicast group is divided into subgroups, each of which is equipped with a Group Security Controller Agent (GSCA) of the group controller that implements the key management task. An improved logical key hierarchy is adopted as the key management scheme inside the subgroup. An agent-based distributed key management protocol for large dynamic multicast groups is also presented, in which the member authentication flaw of existing key management protocols is addressed by adding signed tokens. The protocol also effectively mitigates the "one affecting N" problem, the GSCA decryption and re-encryption overhead, and the communication delay that results from it, making it suitable for large dynamic multicast groups.

The second concerns key management protocols for dynamic peer group communications. The Tree-based Group Diffie-Hellman (TGDH) protocol is a fairly good key management scheme for dynamic peer group communications. Through analyzing the TGDH protocol, we have found that a deficiency exists in its mode of communication: many redundant messages are used to complete group re-keying, so more communication bandwidth is consumed in TGDH. We aim to remedy this deficiency and improve TGDH by designing a preparatory algorithm for finding a Key Association Set. A new re-keying protocol is also designed using this algorithm. Theoretical analysis shows that our protocol effectively decreases the communication and storage overhead of TGDH, with the communication bandwidth descending from O(n log n) to O(n) and the key storage descending from O(n) to O(log n). The simulation results also show that the improved protocol has better communication performance.

The third concerns group key management architecture for the mobile Ad-hoc network, in which the group key management protocol plays an important role. It is not only the key technique for implementing a secure group communication system; its support is also needed by the secure routing technique in the mobile Ad-hoc network. This paper discusses group key management schemes in the context of the mobile Ad-hoc network and presents a group key management architecture based on a hybrid strategy that integrates LKH and TGDH. Our scheme suits heterogeneous mobile Ad-hoc networks and can effectively avoid single-point failure due to its high expandability.

Keywords/Search Tags: secure group communication, group key management, re-keying, logical key hierarchy, key agreement, Mobile Ad-hoc Network