Key Establishment in Large Dynamic Groups Using One-Way Function Trees

Alan T. Sherman and David A. McGrew. IEEE Trans. Software Eng.

We present, implement, and analyze a new scalable centralized algorithm, called OFT, for establishing shared cryptographic keys in large, dynamically changing groups. Our algorithm is based on a novel application of one-way function trees. In comparison with the top-down logical key hierarchy (LKH) method of Wallner et al., our bottom-up algorithm approximately halves the number of bits that need to be broadcast to members in order to rekey after a member is added or evicted. The number of keys… 

An LKH Method Based on the Behavior of Group Members in Secure Multicast
The simulation results indicate that R-LKH has a better improvement over LKH if the multicast group members’ behavior could be distinguished “approximately”.
A New Group Rekeying Method in Secure Multicast
The simulation results indicate that the new method has a better improvement over traditional LKH method even if the multicast group members’ behavior could be distinguished “approximately”.
New Method to Compute Auxiliary keys in LKH based Secure Group Key Management Scheme
  • R. Aparna, B. B. Amberker
  • Computer Science
    2008 16th International Conference on Advanced Computing and Communications
  • 2008
This paper proposes a scheme to reduce the load on the key server from O(m log_m n) to O(m) for a group of n users with the degree of the tree being m, which reduces the rekeying complexity.
Efficient Multicast Key Management for Stateless Receivers
A hierarchical binary tree-based key management scheme for a large dynamic group with one group controller (GC), especially well suited to stateless receivers, who do not update their state from session to session.
An Improved Key Management Scheme for Large Dynamic Groups Using One-Way Function Trees
An improved version of the BMS scheme is described that ensures that an evictee and a new member cannot collude to get the group key that they should not know, without incurring much additional computational overhead to the system.
A Centralized Key Table based Communication Efficient Group Key Management Protocol
This paper presents a centralized key table based communication efficient group key management protocol in which the number of rekeying messages is independent of the group size, and which requires less computation.
A novel high-order tree for secure multicast key management
  • Haibin Lu
  • Computer Science
    IEEE Transactions on Computers
  • 2005
An NSBHO (nonsplit balancing high-order) tree in which balancing the tree after a member joins does not involve node splitting, thus having 2h worst-case rekeying cost.
Key History Tree: Efficient Group Key Management with Off-Line Members
A safe caching mechanism particularly suited for LKH (Logical Key Hierarchy) schemes, built using only publicly available information, so it can be safely replicated over the network, and its operation is transparent to clients and key managers.
A new probabilistic rekeying method for secure multicast groups
This paper focuses on further reducing the rekey cost by organizing the LKH tree with respect to rekey probabilities of members using new join and leave operations, and presents results showing that this scheme performs 18 to 29% better than PLKH and 32 to 41% better than LKH.


Key Management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization
A scalable method for establishing group session keys for secure large, dynamic groups such as multicast sessions is presented and implemented based on a novel application of One-Way Function Trees (OFTs).
Key management for secure Internet multicast using Boolean function minimization techniques
  • I-Pin Chang, R. Engel, D. Kandlur, D. Pendarakis, D. Saha
  • Computer Science
    IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320)
  • 1999
This paper explores the use of batching of group membership changes to reduce the frequency, and hence the cost, of key re-distribution operations and presents an algorithm that minimizes the number of messages required to distribute new keys to the remaining group members.
ELK, a new protocol for efficient large-group key distribution
ELK, a novel key distribution protocol, is designed and implemented to address security challenges of secure media broadcast over the Internet with perfectly reliable, super-efficient member joins and smaller key update messages than previous protocols.
Efficient security for large and dynamic multicast groups
  • G. Caronni, M. Waldvogel, Dan Sun, B. Plattner
  • Computer Science
    Proceedings Seventh IEEE International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE '98) (Cat. No.98TB100253)
  • 1998
A series of novel approaches for achieving scalable security in IP multicast, providing privacy and authentication on a group-wide basis are proposed, and have low complexity (O(log N) or less) which grants scalability even for large groups.
Probabilistic Methods in Multicast Key Management
Simulation results show that these algorithms can reduce the cost of multicast key management significantly, depending on the variation of rekey characteristics among group members.
Secure group communications using key graphs
It is shown that the group key management service, using any of the three rekeying strategies, is scalable to large groups with frequent joins and leaves, and the average measured processing time per join/leave increases linearly with the logarithm of group size.
Using AVL trees for fault-tolerant group key management
This paper describes an efficient algorithm for the management of group keys for group communication systems based on the notion of key graphs, and shows how to balance the key graph, a result that is applicable to the centralized protocol.
Communication-Efficient Group Key Agreement
A key agreement protocol previously proposed by Steer et al. is resurrected and extended to handle dynamic groups and network failures such as network partitions and merges and provides key independence, i.e. a passive adversary who knows any proper subset of group keys cannot discover any other group keys not included in the subset.
Perfectly-Secure Key Distribution for Dynamic Conferences
This paper considers the model where interaction is allowed in the common key computation phase, and shows a gap between the models by exhibiting an interactive scheme in which the user's information is only k + t - 1 times the size of the common key.
An Information Theoretic Analysis of Rooted-Tree Based Secure Multicast Key Distribution Schemes
It is shown that the optimal average number of keys per member in a rooted tree is related to the entropy of the member revoke event and the relationship between entropy of member revocation event and key length.