| As dynamic-group-oriented, collaborative, distributed and interactive applications such as video conferencing, grid computing, instant messaging, online games and peer to peer data sharing services are increasingly important, safe and reliable group communication service has become a challenge of modem computing. In order to achieve communication confidentiality, authentication, integrity and non-repudiation, the design of safe and efficient dynamic group key agreement protocol is the premier research topic.In group key agreement, each user exchanges information with others in the same group interactively over public network. All users agree on a common session key and each one has a contribution to it. Parties involved in communication use the key for symmetric encryption and generating message authentication code to achieve subsequent security goals. First of all, group key agreement protocol must implement mutual authentications of members to prevent the middle-man-attack. Secondly, unlike two sides and tripartite key agreement, the efficiency of group communication associated with the number of members and distances between them is much more important. Thirdly, membership changes in dynamic group occur at any time, so we should consider the joining and leaving of members, merging and splitting of subgroups. Finally, in those dynamic cases the key should be updated timely to achieve forward secrecy and backward secrecy. Overload for updating keys should be minimized as far as possible using existing results.Our paper focuses on the dynamic group key agreement and analyzes representative protocols and security models. We present a new scalable dynamic group key agreement protocol based on safety and efficiency requirements.Firstly, classical protocols are presented and discussed. Typical group key agreement protocols are analyzed and compared in detail at aspects of security, authentication, efficiency, dynamic, scalability and data structures based-on. Secondly, security model for group key agreement are analyzed in detail. Formal definitions of passive adversary, active adversary, malicious partner and security against three attacks in security models are discussed.Thirdly, we present a scalable authenticated dynamic group key exchange protocol based on an multi-tree. Compared to others based on linear structures, binary and ternary trees, our protocol has its own unique advantages and characteristics in computation complexity and communication complexity, therefore it is more scalable and suitable for large groups.At last, the protocol above is extended to dynamic group. Concrete protocols are presented for group membership changes. In addition, our protocols achieve forward secrecy and backward secrecy and reduce the overload for updating session key in four dynamic cases as much as possible. |
PDF Full Text Request