Analysis And Implementation Of The Secure Multicast System Based On TLS

While application of the wide bandwidth technique and multimedia operation is becoming more and more widespread, the confliction of the expenditure on the bandwidth and the network jam is also becoming more and more acute. As multicast technique can radically alleviate the burden of the network, it becomes a hot search field, the multicast security becomes urgent to fix as it counteracts the development of the application of multicast.MSEC working group has released many group key management protocols like the GSAKMP,GDOI,MIKEY. From the view of supported data security protocols, although the MSEC protocols profess to be extensible, currently they mainly support ESP and AH protocols, which work on the IP layer. Now, using IPSec technology to provide security protection for multicast data, becomes an important research field in building a multicast security system. But this scheme has defect of compatibility, and is lack of agility.Realization the multicast security system on the transport layer is still in primary stage of research. This thesis introduces and analyzes a central transport layer secure multicast communication protocol which is based on TLS technique, called TLSMC for short. The protocol is composed of two parts, data security and group key management. The data security part refers to the TLS protocol, and provides the protection of the data, such as the encryption, integrity check, anti-replay, source authentication, group authentication and so on. The group key management part refers to the TLS and GDOI protocol, it's mainly used to administrate the group security association. TLSMC works above UDP and runs between the transport layer and the application layer. It's a separate security layer, which provides standard APIs to the application layer.This thesis has mainly done the following works:1)Introduce the risk of the multicast security and the factors influencing the multicast communication security, research on the primary group key management protocols and analyze the characteristics of providing multicast data security on IP layer, transport layer, application layer.2)Detailedly describe the framework and the content of TLS protocol.3)Introduce a TLS-based multicast security protocol, TLSMC. Analyze the application and security performance of TLSMC.4)Decompose system to modules according to the function, realize the data structures, design the APIs which refer to the socket programming API. By transferring the API of TLSMC, this thesis realizes an example multicast security system.While the popularization of the multicast technique, the security of multicast faces great danger. This thesis introduces and implements a central security multicast protocol, which is based on the TLS technique. It satisfies the confidentiality, integrality, source authentication, perfect forward and backward security in the multicast communication, and it also has good ability of compatibility, expansibility and deployment.