| The openness and uncertainty of network communication environments easily result in communication failures, and even bring disastrous consequences to network communications. Now how to prevent the occurrence of communication failures, as well as how to enable the system to provide normal services when failure occurred is a hot topic. The security goal of traditional system is building a defensive mechanism of the system, so that systems can not be attacked from the illegal invasions. However, the actual experience has shown that there are a considerable number of vulnerable points in the majority of applications, especially in the network-based distributed systems. Because of the complexity of interactions between system components, the weak points are particularly difficult to prevent and the invasion can not be avoided. Hence, resilient key distribution schemes have fully taken into account the vulnerability. The goal of resilient the key distribution schemes is that when system is attacked, even if some components have been damaged, or manipulated by a malicious attacker, the system can trigger the appropriate protective mechanisms to continue to provide normal and key services for users.Self-healing key distribution and time-bound hierarchical key distribution are two ways to realize the resilience. The character of self-healing key distribution is that users who have missed up to a certain number of previous rekeying operations can recover the missing group keys without requesting additional transmissions from the group manager. The character of time-bound hierarchical key distribution is that key is related of the time. Since the keys change as time changes, an attacker even if gets hold on a key in one point of time, nor get the following keys.Implementation of self-healing key distribution needs to pay high maintenance costs. How to reduce network traffic and storage of group members in self-healing key distribution is one of hot research area. Dutta has designed constant storage self-healing key distribution scheme, which greatly reduces the storage of keys of members. But Dutta scheme is not secure throught our analysis. Hence, this paper improves Dutta's scheme, and analyses its performance. Improved scheme makes up for the flaw of Dutta's scheme, and keeps the key storage of members with constant-level. In order to further optimize the traffic, this paper designes a computational secure constant storage self-healing key kistribution scheme. At the same time, this paper proves the security of ICSKD scheme and CCSKD scheme in the corresponding models. Finally, examples of the proposed schemes by C++ illustrate the feasibility of the proposed schemes.Chien has proposed a time-bound hierarcal key distribution scheme based on tamper-resistant devices and hash function, which greatly reduces the burden of computation. However, Chien's scheme can not resist to tripartite attack proposed by X. Yi. This paper presents an improved time-bound hierarchical key distribution scheme, which can not only resist the tripartite attack proposed by X. Yi, but also has same efficiency in the implementation with Chien's scheme. In order to meet the requirements of the general partial order, based on Chinese Remainder Theorem and bilinear maps respectively, this paper designs a time-bound hierachical key distribution scheme, analyses the security of the proposed scheme, and gives examples of the proposed schemes. |
PDF Full Text Request