decrypt new information. Other features of these schemes are directly
related to reliability. One of them is the self-healing property: in some schemes,
members are able to recover lost keying material without making new
requests to the Key Server. Finally, secure multicast protocols can be divided
into stateful and stateless. In the former, re-key messages contain modifications
to the previous keying state, so users must be aware of all re-key operations
performed since their arrival. In the latter, members can obtain all
the keying material from scratch at every re-key operation, which clearly makes
them more resilient against faulty networks. Addressing these reliability issues
has become the trend in recent years due to the popularization of mobile and
ad-hoc networks.
Centralized secure multicast schemes are of great use thanks to their simplicity
and the popularization of services like IPTV [1] and ad-hoc networks. Even in
decentralized architectures for huge audiences, they appear at the core of every
separate group. Therefore, centralized schemes are an important part of the
overall secure multicast field. This paper presents a selection of the most
important centralized secure multicast protocols to date, motivated by the recent
appearance of new proposals that, for obvious reasons, were not included in
previous surveys [2][3] (another interesting, updated survey is [4]). Schemes are
discussed and compared according to the properties mentioned above, and
divided into three main categories according to the scenario they address:
(1) general-purpose schemes, suitable for a wide range of applications, (2)
multi-group schemes, especially useful in scenarios that involve several different
information channels (such as IPTV platforms) and (3) self-healing schemes for
ad-hoc networks. The following notation will be used throughout the paper. The single
entity that manages the re-keying process is called the Key Server. Hosts
that make up the main body of the network are called members. h and d denote
tree height and degree, respectively. The total number of members is given by
n. b is the bit length of a symmetric key. Additional specific notation will be
indicated where needed. Sections 2, 3 and 4 review the three categories respectively,
discuss them and show comparisons. Section 5 concludes the survey and gives a
global vision of the field.
2 General-Purpose Schemes: LKH and Extensions
General-purpose schemes were the first to appear and have been around for
more than ten years now. One of the earliest is the Group Key Management
Protocol (GKMP) [5], in which the Key Server shares a key with every member
in the audience and a common group key. Some re-key operations require a
unicast connection with each member, hence the scheme scales poorly. Among the
different existing approaches, the hierarchical tree of keys is clearly the preferred
one, due to its smart arrangement of users and keys. The first scheme of that
kind was the Logical Key Hierarchy (LKH) [6] [7]. In order to reduce the number
of re-key messages per join/leave operation compared with the trivial approach, a logical
tree is built with randomly chosen user keys at the leaves. Figure 1(a) depicts
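
An added example, not taken from the surveyed papers: a binary (d = 2) LKH Key Server handling a member leave, showing that only the keys on the leaver's path are replaced and that 2h - 1 wrapped keys are multicast instead of one message per remaining member. The class and function names, the heap-style node numbering and the HMAC-based XOR wrap (a stand-in for a real key-wrap cipher) are assumptions of this sketch.

```python
import hashlib, hmac, secrets

B = 16  # key length in bytes (b = 128 bits); value assumed for the example

def wrap(kek, node, key):
    """Toy key wrap: XOR with an HMAC-SHA256 pad. Stand-in for a real AEAD."""
    pad = hmac.new(kek, b"wrap%d" % node, hashlib.sha256).digest()[:B]
    return bytes(x ^ y for x, y in zip(key, pad))

unwrap = wrap  # XOR is its own inverse

class KeyServer:
    """Complete binary key tree: root is node 1, leaves are nodes n..2n-1."""
    def __init__(self, n):  # n members, n a power of two
        self.n = n
        self.keys = {v: secrets.token_bytes(B) for v in range(1, 2 * n)}

    def member_keys(self, i):
        """Keys member i holds: its leaf key plus every ancestor up to the root."""
        v, held = self.n + i, {}
        while v >= 1:
            held[v] = self.keys[v]
            v //= 2
        return held

    def leave(self, i):
        """Refresh every key on the leaver's path, bottom-up; return re-key messages."""
        msgs, leaf = [], self.n + i
        v = leaf // 2
        while v >= 1:
            self.keys[v] = secrets.token_bytes(B)
            for c in (2 * v, 2 * v + 1):
                if c != leaf:  # never wrap under the leaver's own leaf key
                    msgs.append((v, c, wrap(self.keys[c], v, self.keys[v])))
            v //= 2
        return msgs  # (refreshed node, node whose key wraps it, wrapped key)

def apply_rekey(held, msgs):
    """Member side: unwrap each message whose wrapping key this member holds."""
    for node, under, blob in msgs:
        if under in held:
            held[node] = unwrap(held[under], node, blob)
    return held

if __name__ == "__main__":
    ks = KeyServer(1024)  # h = 10
    print(len(ks.leave(0)), "multicast re-key messages vs", ks.n - 1,
          "unicasts when re-keying each remaining member individually")
```

Because each member applies the messages to the keys it already holds, a member that misses one re-key message cannot follow later ones, which is the stateful behaviour described in the introduction.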
 