Research On Group Key Management Based On ABE

With the rapid development of broadband access technology and multicast technology,multicast communication has been widely used,such as the Internet TV,video conference,network game,Video surveillance network,UAV task.Group communication not only brings lots of convenience,but also with security hidden danger.How to realize the security of group communication becomes a key problem in the open environment.In order to prevent unauthorized user or malicious attackers from eavesdropping the group communication messages,it is necessary to ensure the security of group key.How to update the group key safely and efficiently is the focus of group security communication.Group key management system will update the group key as long as the members change in order to ensure forward security and backward security.In particular,many applications about group communication are in need of group merge and group partition,for example,multiple UAV clusters need to merge into a new cluster to accomplish the same task in the military field,a large UAV cluster needs to be divided into several subgroups to quickly complete several sub tasks.There are Only few schemes researching group merge and group partition in existing group key management sehemes,and they are with higher computation overhead.The existing attribute-based encryption schemes focus on how to update group key when a single member leave or join group,and no group merge and group partition are discussed in detail.This thesis designs two schemes about group key management based on attribute-based encryption with against conspiracy attack by improving the existing scheme.They solve group key update of group merge and group partition by combining binary bit allocation and attributes change.The contributions of this thesis are as follows:1.The existing group key management schemes are classified in accordance with encryption system.Then,it analyzes the advantages and disadvantages of all kinds of schemes.It explains the reason for choosing ciphertext-policy attribute-based encryption.2.The first scheme is proposed by improving the existing scheme,which includes group establishment,group encryption and decryption,key generation,a single member joining or leaving group,group merge and group partition.This scheme ensures the uniqueness of attribute for members by combining binary bit allocation and attributes change.During the group merge,when the number of attribute ID reaches upper limit,the scheme will set up group and distribute attributes for members again.3.During group merge in the first scheme,the number of attribute ID restrians from upper limit.Aiming at the limitation of the first scheme,this thesis proposes an improved scheme.The attributes of members are divided into two parts.The first part is used to identify group,the second part is used to identify member.These two parts ensure the uniqueness of attribute for members,in order to make access strategy and complete the group key updating quickly.4.Security analysis of the two proposed schemes is analysed.Then,communication overhead and computation overhead are analysed.Finally,the simulation of the proposed schemes is carried on.The results indicate that the proposed schemes can effectively reduce the overhead caused by group key update.