Research Of Multicast Key Management For Secure Group Communication

Security group communication has been an active research field, in which the key management mechanism research is one of the most important and also the most challenging work. This paper focuses on multicast key management scheme for secure group communication. On the basis of fully research on the merits and drawbacks of different multicast key management schemes, this paper tries to improve the existing key management schemes. Improved schemes are estabilished retaining the merits of those existing schemes as well as making up some deficiencies in their performance or security. There are the main contributions in this paper:The first is about the research on the representative key management schemes for multicast communication. The present existing key management schemes for multicast group are classified as three types:centralized, distributed and grouped schemes. Centralized scheme suffering from "one affecting N (many)" because of the excessive dependence on group controller, meanwhile the overloading on group controller also became the bottleneck of systerm performance. And they have poor scalability. Rekeying in distributed schemes is completed by member consultation, so that they effectively avoid the problems single point failure. But for large group communication, the computation cost and rekrying delay are considerable. In grouped schemes, multicast members are divided into sereval sub-groups and managed by group controller and sub-group controllers. When member join or leave, rekeying caused by member change was limited in sub-group. Grouped schemes reduce the storge cost and communication cost of group controller, but there is no security mechanism in the process of key generation.The second is about the research on key management for dynamic group multicast communication. Because of the diffenences and dynamics of the multicast members, multicast communication is more complex than unicast communication. This paper focuses on multicast communication systerm with large group member and frequent member change. First, this paper proposes an improved rekeying algorithm on the basis of LKH, which reduces calculation cost of GC and raises the scalability. But it also brings new problem. Since each member have to calculate and rekey related key on it's key path, that lead to considerable calculation amount for multicast members, especially for the members in large group. At this time, system performance will be seriously influenced. Therefore, the improved algorithm only applies to the small group communication. Then, in order to satisfy the higher requirements for rekeying cost and scalability in large dynamic multicast communication systerm, a hybrid multicast key management scheme was proposed based on SKDC,LKH and Iolus schemes. This scheme constructs a hierarchical and grouped key tree, adopts the RSA encryption algorithm, which increases the extensibility and security. Compared with the previous schemes, it shows that the cost of key storage, calculation and communication are significantly improved.The third is about the research on key management for mobile Ad Hoc network, in which the key management plays an important role. It is not only the improtant content to implement the secure group communication, but it is also the key technology to support the secure routing in mobile Ad Hoc network. This paper researchs the key management schemes for the context of the mobile Ad Hoc network. A new key management scheme was put forward to adapt to the particularity of mobile Ah Hoc network. In this scheme, the node clustering algorithm was employed to construct the virtual backbone network layers that performing management function. It also uses the elliptic curve cryptography to establish and allocate group key in and between the clusters, whicn effectively improves the security of key management scheme, and had low computation cost and low communication cost.