The Research On Problem And Model Of IP Multicast Security

With the quickly development of Internet, many new applications in Internet have appeared, lots of them are multimedia applications need large bandwidth, such as video conferences, video on demand (VOD), stock information and so on. Multicast was born to handle such situation. Multicast could improve the data transport rate. These advantages make multicast one of the most attractive network technologies. The limitation of IP multicast applications is caused by the contradiction between security and opening. The measure used in unicast cannot be migrated in multicast simply. It is important to implement special secrity guarantee for multicast.Based on the problem of IP multicast, this paper carefully expounded Internet Group Management Protocol for IPv4 and Multicast Listener Discovery Protocol for IPv6, analysed the security problem about the management of group. Although the security problem about the management of group does not directly menace the security of traffic and keys management of multicast, it is still important because the group management protocol and the inter domain router protocol was the base of transmition of multicast data. This paper expounded the Management using Arbitrarily Revealed Key Sequences scheme and the Logical Key Hierarchy scheme. The Management using Arbitrarily Revealed Key Sequences scheme uses the method of preplanned communication time to realize key management. The Logical Key Hierarchy scheme is security and scalable, and it can be transformated to lower the overhead of key management. We combine the Management using Arbitrarily Revealed Key Sequences scheme and the Logical Key Hierarchy scheme into a new scheme, and modelized the new scheme. This paper used the active attack model and the passive attack model to analyse the Logical Key Hierarchy scheme and found that it cannot provide the backward-security under the active attack. We modelized the key graph and found that this problem will be eliminated by using a one-way function during rekey event. We transformated the Logical Key Hierarchy scheme and realized the backward-security in the active attack.