Group Key Management And Applications In Military Communication

Multicast is an important network technology in group communication. More and more applications of multicast appear with the development of Internet, and become a hot issue at present. Especially in military communication, multicast has its advantage. To achieve a secure multicast, members of a group share a symmetrical Traffic Encryption Key(TEK) and use it to encrypt or decrypt the traffic information. Group key management is an important functional building block for any secure multicast architecture. Particularly in the military communication applications, key management protocol has higher requirement on efficiency and security.The group key management protocols may be devided into group key distribution protocols and group key agreement protocols. The former mostly come from the Pairwise Keys. In this approach, the key distribution function is assured by a single entity which is responsible for generating and distributing the traffic encryption key (TEK) whenever required. It is suitable for the circumstance which has a management centre and large number of members. The latter is also called distributed key management. The group members cooperate to establish a group key without any managers. This improves the reliability of the overall system and reduces the bottlenecks in the network in comparison to the former.In this paper, we classify existing schemes into two approaches: the common approach which all members share a TEK and the second approach which each sub-group has its independent TEK. We present the categories and development of some typical protocols.Our work in this paper consists of two parts. In the first part we propose a new key management scheme for military hierarchical group communication, which is based on security multicast and satisfies the security requirements, considering the requirements on real-time of transmission, efficiency of rekeying, bandwidth overhead and storage overhead. In the second part we propose another scheme which is based on the former scheme. In military group communication, lots of schemes consider the content access control wholly. A member of group may hold the privilege to access all the data or have nothing at all. In our scheme, we classfy the members into several safe classes and orgnize them into a tree hierarchical group, implement the content access control.