Information Technology Reference
In-Depth Information
where evictions across the leaves of the tree occur randomly with a reasonably
uniform distribution. Therefore, since we cannot exploit any locality constraints,
the number of evictions within a given time window directly correlates to the
size of the KHT-WS.
6
Conclusion
We have proposed a new method to deal with off-line members in dynamic, secure
groups that share a key. In many applications, members that are back on-line
are just interested on knowing the current key, and not all the keys negotiated
while they were off-line. We use a simple data structure, the KHT, to filter
updates from a popular group rekeying algorithm, LKH. We further prune this
information with an estimation of the current rekey status of valid members,
obtaining a compact annotation. We present an example application, AGCD,
that embeds this annotation with subscribed content, allowing recovery of off-
line members without jeopardizing their anonymity. Simulation results show the
benefit of our approach over more conventional methods.
Acknowledgements
We would like to thank the members of the Serrano team at HPL-ASD, in
particular, Patrick Goldsack and Peter Toft, for many discussions that heavily
influenced the ideas in this paper. Brian Monahan and other members of HPL-
TSL gave important feedback to this document. Chris Tofts and Richard Taylor
suggested the method used to generate simulation traces. Lada Adamic gave
feedback on creating more realistic simulation workloads.
References
1. Debby M. Wallner and Eric J. Harder and Ryan C. Agee: Key Management for
Multicast: Issues and Architectures. IETF, no 2627 (1999)
2. Ran Canetti and Juan Garay and Gene Itkis and Daniele Micciancio and Moni
Naor and Benny Pinkas: Multicast Security: A Taxonomy and Some Ecient Con-
structions. INFOCOMM'99 (1999) 708-716
3. David A. McGrew and Alan T. Sherman, Key Establishment in Large Dynamic
Groups Using One-Way Function Trees. (1998)
4. Wong, Chung Kei and Mohamed G. Gouda and Simon S. Lam: Secure Group
Communications Using Key Graphs. (1998) Proceedings of the ACM SIGCOMM
Computer Communication Review, Vol. 28, No. 4 (Oct. 1998) 68-79
5. Ran Canetti and Pau-Chen Cheng and Frederique Giraud and Dimitrios Pen-
darakis and Josyula R. Rao and Pankaj Rohatgi: An IPSec-based Host Architec-
ture for Secure Internet Multicast. 49-65
6. Mark Baugher and Ran Canetti and Thomas Hardjono and Brian Weis: IP Multi-
cast issues with IPsec. (2002)
7. Adrian Perrig and Dawn Song and Doug Tygar: ELK, a New Protocol for Ecient
Large-Group Key Distribution. 247-262
