Multicast Security Issues and Solutions

Outline
- Explain multicast and its applications
- Show why security is needed
- Discuss current security implementations
- Explain the different ways of doing multicast
- Go in-depth into key management

What is Multicast?
- Unicast
  - One-to-one communication
- Broadcast
  - One-to-all communication
- Multicast
  - One-to-many communication
  - Many-to-many communication

Applications of Multicast
- Online chat groups
- Streaming video/audio
- Videoconferencing
- Multiplayer games

Need for Security
- Protecting trade secrets
- Confidential chat
- Government use
- Pay-per-view
- Online auctions

Why Security is Hard
- Open group membership
- Everyone gets same packets
- Anyone can view or insert data into group
- No individualization or customization
- Senders need not be members
- Can’t control information that goes to the group

Security Solutions
- Authentication (senders and receivers)
- Access control (senders and receivers)
  - Restrict membership
  - Restrict who can send data
- Key management
  - Identify the members of the group
  - Provide confidentiality and integrity
- Fingerprinting
  - Make each receiver’s data unique

IP vs. Application-Layer Multicast
- IP Multicast
  - Network supported
  - Minimum traffic
  - Least control over access
- Application-Layer Multicast
  - More versatile (no network support required)
  - Full control over the group
  - More network overhead

Group Key Management
- Basic schemes
- Hierarchical schemes
  - Iolus, Logical Key Hierarchy
- Batch schemes
  - GKMP, SMKD
  - MARKS
- Trade-off schemes
  - CVA, HySOR

Basic Key Distribution
- Single group key
- Pair-wise distribution
- Slow
- Non-scalable

Hierarchical Key Distribution
- Logical groups
- Central management
- Tree structure
- Isolation of keying
- Node hierarchies
- Sub-group managers

Batch Rekeying
- Reduce rekey operations
- Less overhead
- Sacrifice forward/backward secrecy

New Approach
- No group key
- Arbitrary message key
- Personal keys for each node
- Key encryption keys

New Approach
- Extreme hierarchical case
- Sub-group size of 1
- Rekey isolation
- Take advantage of inherent topology

How it Works
- Certificates
- Personal keys
- Message keys
- Join/Leave operations

Advantages
- Highly scalable
- Fast rekey operations
- Low message overhead

Remaining Issues
- Vulnerable to Denial of Service
- Performance dependent on the overlay topology

Takeaway Points
- Wide range of applications
- Many require security
- Current approaches are insufficient
- Need a usable key management scheme

Resources
- http://www.cs.virginia.edu/~mngroup
- http://www.securemulticast.org/

References
- Paul Judge and Mostafa Ammar, Security Issues and Solutions in Multicast Content Distribution: A Survey, IEEE Network, January/February 2003.
- Germano Caronni, M.W., Dan Sun, Bernhard Plattner, Efficient Security for Large and Dynamic Multicast Groups, in IEEE 7th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, 1998.
- Guang-Huei Chiou, W.-T.C., Secure Broadcasting Using the Secure Lock, IEEE Transactions on Software Engineering, 15 (8).
- Suvo Mittra, Iolus: A Framework for Scalable Secure Multicasting, Proceedings of the ACM SIGCOMM '97, September 1997.
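To make the "Basic Key Distribution" and "Hierarchical Key Distribution" slides concrete, the following added example (not part of the original slides) compares the rekey traffic when one member leaves under pair-wise distribution and under a binary Logical Key Hierarchy tree. Assumptions: the group size is a power of two, encryption is modeled as "a message opens only if the receiver holds the wrapping key", and all class and function names are illustrative.

```python
import os

class LKH:
    """Complete binary key tree: node 1 holds the group key, leaves hold personal keys."""
    def __init__(self, n):                       # n must be a power of two
        self.n = n
        self.keys = {v: os.urandom(16) for v in range(1, 2 * n)}

    def path(self, member):
        """Node ids from the member's leaf up to the root."""
        v, out = self.n + member, []
        while v >= 1:
            out.append(v)
            v //= 2
        return out

    def member_keys(self, member):
        return {v: self.keys[v] for v in self.path(member)}

    def leave(self, member):
        """Replace every key the leaver held; return (node, wrapping_key, new_key) messages."""
        leaf, msgs = self.n + member, []
        for v in self.path(member)[1:]:          # bottom-up, starting at the leaf's parent
            self.keys[v] = os.urandom(16)
            for child in (2 * v, 2 * v + 1):
                if child != leaf:                # never wrap under the leaver's personal key
                    msgs.append((v, self.keys[child], self.keys[v]))
        return msgs

def receive(held, msgs):
    """Model of decryption: a message opens only for a member that holds its wrapping key."""
    held = dict(held)
    for node, wrapping_key, new_key in msgs:
        if wrapping_key in held.values():
            held[node] = new_key
    return held

def flat_leave(personal, leaver):
    """Basic scheme: a new group key is sent pair-wise to every remaining member."""
    new_group_key = os.urandom(16)
    return [(1, key, new_group_key) for m, key in personal.items() if m != leaver]

def demo(n=1024, leaver=5):
    tree = LKH(n)
    before = {m: tree.member_keys(m) for m in range(n)}
    msgs = tree.leave(leaver)
    stayers_ok = all(receive(before[m], msgs)[1] == tree.keys[1] for m in range(n) if m != leaver)
    leaver_locked_out = receive(before[leaver], msgs)[1] != tree.keys[1]
    flat = flat_leave({m: before[m][n + m] for m in range(n)}, leaver)
    return len(flat), len(msgs), stayers_ok, leaver_locked_out
```

`demo()` returns the pair-wise message count, the tree message count, whether every remaining member recovered the new group key, and whether the departed member was locked out of it.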