Efficient Multicast Key Distribution Using HOWP-based Dynamic Group Access Structures

When assigning personal keys, stateful multicast key distribution (MKD) protocols usually rely on some type of dynamic group access structure which helps achieve a better tradeoff among storage, communication and computation overheads. However, there exist some stateful MKD protocols whose personal key assignments are based on two static group access structures called Dual Hash Chain (DHC) and Binary Hash Tree (BHT). We introduce two new types of group access structures called Dual Homomorphic One-way Function Chain (D-HOFC) and Top-Down Homomorphic One-way Function Tree (TD-HOFT). Both can be regarded as dynamic counterparts of DHC and BHT, respectively. Our research motivation is to investigate what benefits these two new dynamic structures will bring for MKD protocols compared with their static counterparts. Using D-HOFC, we propose a time-based MKD protocol that counters the rejoining member attack on a DHC-based protocol, and a stateful user-based MKD protocol that has a lower computational overhead for Group Controller (GC) than the DHC-based protocol. Using TD-HOFT, we design a stateful user-based MKD protocol that outperforms the original EKT protocol. Performance comparisons and experiment results show that our protocols based on dynamic structures have their own advantages compared with those based on the corresponding static counterparts

Exclusive Key Based Group Rekeying Protocols

In this paper, we first clarify the meaning of research on 1-resilient group rekeying protocols by showing that they are actually building blocks for constructing hybrid group rekeying protocols with tunable collusion-bandwidth tradeoffs. We then construct secure and efficient 1-resilient group rekeying protocols based on the idea of exclusive key. Given a group of users, an exclusive key for a user i is a key shared by all users in this group except i, and thus can be used to exclude i from this group effectively. We first present three personal key assignment algorithms based on this idea. The first is based on independent exclusive keys, and thus has a great storage requirement. The other two are based on functionally-dependent exclusive keys, and thus greatly reduce the storage requirement. Employing each personal key assignment algorithm, we propose both a stateful group rekeying protocol and a stateless one. We prove that all six protocols are secure against single-user attacks (i.e., 1-resilient) in a symbolic security model. Performance comparisons between our protocols and related ones show that either of the proposed Protocol III and Protocol III’ is the best in its own class