Research On Key Management Scheme In Secure Multicast

With the extensive application and popularization of Internet, multicast also remains rapid development,and is broadly applied to many-to-many or one-to-many data communication. The main advantage of multicast is that the sender only needs to send the message once and the routers will forward the message to every receiver automatically. Compared with unicast, multicast can save network bandwidth and reduce sender's overhead and network flow. However, as multicast involves multiple receivers, the reliability and security problems in multicast also become more complex than unicast. To ensure secure communication, every multicast member shares a common group key for encrypting data. Since multicast membership is dynamic, the group key should be updated in order that the member after who has left or before who adds in the group can not decrypt the encrypted data. Among all the problems in multicast security, multicast key management is a vital topic, which has attracted many researcher's interests.This thesis begins with an introduction of multicast techniques and the security requirements. We also classified existing multicast key management schemes, among which, several typical schemes are compared and analyzed, and the problems in existing schemes is also given. Then, this thesis introduced the design and development of a group secure collaboration and multi-sessions talk system. We made some improvements on the system: first, multicast mechanism is applied to the system to improve communication efficiency and meet the real time requirement; second, a distributed architecture is designed to avoid single point of failure problem.In addition, this thesis proposed two novel multicast key management schemes: GC-PE and R-LKH. Their design principles, architecture and key updating algorithms are also given. These two schemes are compared with several related works. The schemes are evaluated using the following four metrics: key storage, encryption complexity, communication costs, and protection against attacks. The analysis and experimental results show that GC-PE has good performances in all metrics, which is suitable for larges-scale dynamic multicast groups and R-LKH is more efficient because it reduced LKH's key storage using a improved method.