| Secure distribution of information to authorized recipients is an important prerequisite for group applications with commercial potential. Typically in such applications data traffic is encrypted using a single key, called the group key. Group Key Management (GKM) is the core problem for secure group communication because the restriction on the access to the data relies on that only legitimate receivers know the group keys. This dissertation addresses the scalability and robustness of existing GKM systems. First of all, we define a new metric, exposure, to explicitly measure the deviation from perfect secrecy due to relaxed rekey policies. Based on this new metric, exposure-oriented rekeying gives a tighter control on the deviation and reduces the maximum resource requirement of rekeying at the key server. Second, we propose an approach to use peer receivers to help members recover from rekey packet loss. This approach reduces the resource requirement at the key server by offloading the reliability functionality to group members. Third, we address the approach to use multiple servers to act as a single logical server. By overlapping the group membership at multiple servers, the robustness and the scalability of a GKM system is further improved. Finally, we discuss the implementation issues of our improved GKM system.; Keywords. Secure Multicast, Group Key Management, scalability, reliable multicast, robustness... |
