On the performance of group key agreement protocols
- ACM Transactions on Information and System Security, 2002
The architecture and performance of security protocols in the ensemble group communication system
- ACM Transactions on Information and System Security, 2001
Cited by 30 (1 self)
Ensemble is a Group Communication System built at Cornell and the Hebrew universities. It allows processes to create process groups within which scalable reliable fifo-ordered multicast and point-to-point communication are supported. The system also supports other communication properties, such as causal and total multicast ordering, flow control, etc. This paper describes the security protocols and infrastructure of Ensemble. Applications using Ensemble with the extensions described here benefit from strong security properties. Under the assumption that trusted processes will not be corrupted, all communication is secured from tampering by outsiders. Our work extends previous work performed in the Horus system (Ensemble’s predecessor) by adding support for multiple partitions, efficient rekeying, and application defined security policies. Unlike Horus, which used its own security infrastructure with non-standard key distribution and timing services, Ensemble’s security mechanism is based on off-the-shelf authentication systems, such as PGP and Kerberos. We extend previous results on group rekeying, with a novel protocol that makes use of diamond-like data structures. Our Diamond protocol allows the removal of untrusted members within milliseconds.
A secure multicast protocol with copyright protection
- SIGCOMM Comput. Commun. Rev
Cited by 24 (0 self)
We present a simple, efficient, and secure multicast protocol with copyright protection in an open and insecure network environment. There is a wide variety of multimedia applications that can benefit from using our secure multicast protocol, e.g., the commercial pay-per-view video multicast, or highly secure military intelligence video conference. Our secure multicast protocol is designed to achieve the following goals. (1) It can run in any open network environment. It does not rely on any security mechanism on intermediate network switches or routers. (2) It can be built on top of any existing multicast architecture. (3) Our key distribution protocol is both secure and robust in the presence of long delay or membership message. (4) It can support dynamic group membership, e.g., JOIN/LEAVE/EXPEL operations, in a network bandwidth efficient manner. (5) It can provide copyright protection for the information provider. (6) It can help to identify insiders in the multicast session who are leaking information to the outside world. We have implemented a prototype system which validates our secure multicast protocol and evaluated it against various performance matrices. The experimental results are very encouraging, but also show where new engineering approaches need to be deployed to conform fully to the design goals.
Efficient Self-Healing Group Key Distribution with Revocation Capability
- In Proc. of the 10th ACM Conference on Computer and Communications Security (CCS ’03), 2003
Cited by 24 (2 self)
This paper presents group key distribution techniques for large and dynamic groups over unreliable channels. The techniques proposed here are based on the self-healing key distribution methods (with revocation capability) recently developed by Staddon et al. [31]. By introducing a novel personal key distribution technique, this paper reduces (1) the communication overhead of personal key share distribution from O(t log q) to O(t log q), (2) the communication overhead of self-healing key distribution with t-revocation capability from O((mt + tm) log q) to O(mt log q), and (3) the storage overhead of the self-healing key distribution with t-revocation capability at each group member from O(m log q) to O(m log q), where t is the maximum number of colluding group members, m is the number of sessions, and q is a prime number that is large enough to accommodate a cryptographic key. All these results are achieved without sacrificing the unconditional security of key distribution. In addition, this paper presents two techniques that allow trade-off between the broadcast size and the recoverability of lost session keys. These two methods further reduce the broadcast message size in situations where there are frequent but short-term disruptions of communication and where there are long-term but infrequent disruptions of communication, respectively. Finally, this paper presents an API implementation of the proposed techniques.
Using AVL Trees for Fault Tolerant Group Key Management
- International Journal on Information Security, 2000
Cited by 19 (0 self)
In this paper we describe an efficient algorithm for the management of group-keys for Group Communication Systems. Our algorithm is based on the notion of key-graphs, previously used for managing keys in large IP-multicast groups. The standard protocol requires a centralized key-server that has knowledge of the full key-graph. Our protocol does not delegate this role to any one process. Rather, members enlist in a collaborative effort to create the group key-graph. The key-graph contains n keys, of which each member learns log₂ n. We show how to balance the key-graph, a result that is applicable to the centralized protocol. We also show how to optimize our distributed protocol and provide a performance study of its capabilities.
Group Key Management Protocols: A Novel Taxonomy
Cited by 14 (0 self)
Group key management is an important functional building block for any secure multicast architecture. Thereby, it has been extensively studied in the literature. In this paper we present relevant group key management protocols. Then, we compare them against some pertinent performance criteria.
Multimedia Security In Group Communications: Recent Progress in Wired and Wireless Networks
- 2002
Cited by 12 (5 self)
Multicast is an internetwork service that provides efficient delivery of data from a source to multiple receivers. It reduces the bandwidth requirements of the network and the computational overhead of the host devices. This makes multicast an ideal technology for communication among a large group of participants. Secure group communications involves many service types, including teleconferencing, pay TV and realtime delivery of stock quotes.
A Study of Group Rekeying
- GROUP COMMUNICATION SYSTEMS,” SYMPOSIUM NETWORK AND DISTRIBUTED SYSTEM SECURITY, 2000
Cited by 5 (1 self)
In this paper we study the key management problem, in the context of Group Communication Systems (GCS). GCSs are mid-sized systems, scaling up to 100 members. We present a side-by-side comparison of three ways of managing keys, studying bandwidth and latency.
Secure Anonymous Group Infrastructure for Common and Future Internet Applications
- In Proceedings of 17th Annual Computer Security Applications Conference (ACSAC'01), 2001
Cited by 5 (0 self)
Secure group communication protocols, in particular multi-party key agreement and update algorithms, help promote traditional and new Internet multi-party applications such as video conferencing or distance education. We propose a framework for marrying such approaches with access management mechanisms and applications in real environments. Furthermore, we extend this framework with anonymisation techniques for the sake of the individual's privacy. Our solution combines traditional unicast based approaches for privacy with authenticated and encrypted group communication. Thereby, we are able to build closed groups in which the members are not disclosed to outsiders. The introduced secure and anonymous multicast (SAM) framework can be employed as a scalable, configurable architecture for pseudonym based group communication between qualified entities.
A Decentralised Architecture for Group Key Management
- Lancaster University, 2000
Cited by 5 (0 self)
In recent years many different proposals have been presented to solve the problem of multicast communication security. There are proposals that employ a central entity, which is responsible for managing the whole group, and thus is not scalable for large groups. Other proposals distribute the group key generation among all members of the group. This also does not scale to large groups because every single member of a group participates in the key generation. Yet, other proposals divide large groups into smaller ones, employing a controller for each subgroup. Although these proposals solve the problem of scalability, other issues are raised. For example, some of these schemes employ a central controller for the subgroup controllers, and thus, if the central (subgroup) controller is compromised the whole group will be disrupted. On the other hand, the proposals, which have solved this issue by removing the subgroup central controller, have introduced new problems such as interference in ...

