
Proceedings Paper

Protocol design for scalable and reliable group rekeying
Author(s): Xincheng Brian Zhang; Simon S. Lam; Dong Young Lee; Yang Richard Yang

Paper Abstract

We present the design and specification of a scalable and reliable protocol for group rekeying together with performance evaluation results. The protocol is based upon the use of key trees for secure groups and periodic batch rekeying. At the beginning of each rekey period, the key server sends a rekey message to all users consisting of encrypted new keys (encryptions, in short) carried in a sequence of packets. We present a simple strategy for identifying keys, encryptions, and users, and a key assignment algorithm which ensures that the encryptions needed by a user are in the same packet. Our protocol provides reliable delivery of new keys to all users eventually. It also attempts to deliver new keys to all users with a high probability by the end of the rekeying period. For each rekey message, the protocol runs in two steps: a multicast step followed by a unicast step. Proactive FEC multicast is used to control NACK implosion and reduce delivery latency. Our experiments show that a small FEC block size can be used to reduce encoding time at the server without increasing server bandwidth overhead. Early transition to unicast, after at most two multicast rounds, further reduces the worst-case delivery latency as well as user bandwidth requirement. The key server adaptively adjusts the proactivity factor based upon past feedback information; our experiments show that the number of NACKs after a multicast round can be effectively controlled around a target number. Throughout the protocol design, we strive to minimize processing and bandwidth requirements for both the key server and users.

Paper Details

Date Published: 25 July 2001
PDF: 22 pages
Proc. SPIE 4526, Scalability and Traffic Control in IP Networks, (25 July 2001); doi: 10.1117/12.434417
Author Affiliations:
Xincheng Brian Zhang, Univ. of Texas at Austin (United States)
Simon S. Lam, Univ. of Texas at Austin (United States)
Dong Young Lee, Univ. of Texas at Austin (United States)
Yang Richard Yang, Univ. of Texas at Austin (United States)


Published in SPIE Proceedings Vol. 4526:
Scalability and Traffic Control in IP Networks
Sonia Fahmy; Kihong Park, Editor(s)

© SPIE.