Presentation By: Garrett Lund
Paper By: Sandro Rafaeli and David Hutchison

Overview
 Background Information
 IP Multicast



Assumptions
Requirements
 Rekeying Methods
Centralized Group Key Management Protocols


Decentralized Architectures
Distributed
 Ethics
 Sources

IP Multicast
 Between Unicast and Broadcast
 Network Switches and Routers are responsible for replication and distribution

IP Multicast Applications

IP Multicast Applications

Encryption Review
 Obviously some of these applications require limited access.
 No public key, but a “group key”

Assumptions
 When a user joins, we have a way to get them their first key
 When a user leaves there is a possibility of them continuing to acquire messages
 Every user eventually gets the intended messages

Membership Changes
 Groups need to be dynamic, allowing (authorized) members to join the group and allowing administrators to expel members from the group
 Backwards Secrecy
 Forward Secrecy

Rekeying
 We need a way to get new keys to the users
 Since multicast is being used for group transmission, it is assumed that multicast should be used for rekeying the group
 Three Approaches
 Centralized
 Decentralized
 Distributed

Rekeying Requirements
 Storage Requirements
 Size of Rekey Messages
 Backwards Secrecy
 Forwards Secrecy
 Collusion

Overview
 Background Information


IP Multicast
Assumptions
 Requirements
 Rekeying Methods


Centralized Group Key Management Protocols
Decentralized Architectures
 Distributed
 Ethics
 Sources

Centralized Approaches
 We have a Key Distribution Center (KDC)
 KDC is in charge of managing all of the group’s keys

Simple
 Assign a secret key to each member
 Use a group key to send group messages
 Each member can recover the group key from the appropriate segment of the rekey message using its secret key

Simple Example
Rekey Message
DSFDBSAF
SDFREGEF
DSFAGFAS
FD@#DSG
FDGFDPG
GFDSFDH
JHFTY546
GFD5FGS&
GF5REYHH
. . .
User F
GFDSFDH
Secret Key
Group Key

Simple Example
DFDS#@FDSA
User F
Secret Key
Group Key
Secret Message

Simple Problems
 1. The KDC has to encrypt the new key n times
 2. The message could potentially be huge
 If n = 1 million and K is 56 bits
 The message would be 10 MB long
 3. You have to develop a protocol so that each user knows which part of the message is appropriate for them to decrypt with their secret key

Group Key Management Protocol
(GKMP)
 Have 2 group keys and no secret key
 One Group Transmission Encryption Key (GTEK)
 One Group Key Encryption Key (GKEK)
 GKEK used to encrypt the GTEK when it changes
 Since GKEK will never change, the system lacks forward secrecy, you cannot kick a member out since they will always know the GKEK

Logical Key Hierarchy (LKH)
 Use a balanced Binary Tree to store keys hierarchically

LKH Example
Rekey Message
DSFDBSAF
…
SDFREGEF
…
DSFAGFAS
…
FD@#DSG
…
FDGFDPG
…
GFDSFDH
…
JHFTY546
Corresponds to: k
K14
K58
K12
K34
K56
K78
We Want k k3 k34 k14 k
User u3

Logical Key Hierarchy (LKH)

Other Centralized Approaches
 One-Way Function Trees (OFT)
 One-Way Function Chain Trees (OFCT)
 Clustering
 Centralized Flat Table (FT)
 Efficient Large-Group Key (ELK)

Centralized Approach Summary

Decentralized Approaches
 Split the group into subgroups

Decentralized Approaches

Distributed Models
 Two methods
 Every member contributes
 Pick a member at random

Distributed Example LKH

Distributed Summary

Ethics

Sources
 "IP Multicast Technical Overview." Cisco Systems, Inc.
Web.< http://www.cisco.com/en/US/prod/collateral/io sswrel/ps6537/ps6552/prod_white_paper0900aecd804 d5fe6.pdf
>.
 Rafaeli, Sandro, and David Hutchison. "A Survey of
Key Management for Secure Group Communication."
ACM Digital Library. Lancaster University, Sept. 2003.
Web. < http://portal.acm.org/citation.cfm?id=937506 >.
 Wikipedia