The Design of Key Management Schemes for Secure Broadcasting

• Main Authors: Ren-Hung Lin, 林仁宏
• Other Authors: Jinn-Ke Jan
• Format: Others
• Language: en_US
• Published: 2008
• Online Access: http://ndltd.ncl.edu.tw/handle/25376888109081115624

博士 === 國立中興大學 === 應用數學系所 === 96 === Due to the great improvement in speed and reliability of Internet technology, servers are able to provide many different services for end users. One popular application is broadcast service. Millions of broadcast messages are transmitted to end users every day. For examples, video transmissions, daily news feeds, live multi-party conferencing, and online video games are some of end users’ favorite broadcast services. If some end users are not authorized to access the particular messages, senders should protect the confidentiality of what are broadcasting. Therefore, a major security challenge for broadcast communications is to provide efficient methods for controlling authorized accesses. Encrypting the original messages (plain text) with secret information (secret key) is a popular way to keep the privacy of messages. The plain text will be transformed to a confused one (cipher text) after being processed with encryption techniques. Usually, when authorized end users register at a server, they are assigned their own secret keys and are able to recover (decrypt) the cipher text received later. On the other side, even though unauthorized end users may receive each broadcast message through public mediums used for transmission, they cannot read the confidential messages because they do not own the specific secret key. Enabling the available protocols such as IPsec (IP security), SSL (Secure Sockets Layer), or TLS (Transport Layer Security) can encrypt the packets to achieve the secrecy requirements. However, the complexity of communications will be raised substantially. When using IPsec or SSL/TLS to ensure the secrecy, each of the two parties must establish a secure point-to-point link respectively for communications. In an n-members group, if one sender wants to transmit (broadcast) an identical message to the other members simultaneously, the system needs to establish distinct links for secure transmissions. The needed bandwidth goes up with the order of n, namely the communication complexity is O (n). When the size of group goes up, it needs much more computing power and communication bandwidth to handle the problem of scalability. Moreover, when the communicating has lasted for a period of time, the system has to be enabled with a negotiation for each link to produce a different secret key. If we use IPsec or SSL/TLS to secure the broadcast messages, the communication complexity of re-keying will increase with n, namely with respect to the size of group. The scalability of system will be degenerated by the increasing of end users. Particularly when communicating via wireless mediums, the available bandwidth in a wireless environment is much less than in a wired one. Therefore, an efficient scheme must be developed to solve the scalability problem of secure broadcasting. We propose key management schemes for secure broadcasting to reduce the key storage requirement of senders and the order of communication complexity when re-keying the session keys used for secure broadcasting. A service provider can efficiently manage each member’s content request and provide various services at the same time. When the initiation phase is completed, group members can freely communicate one another in security as long as they are the same network system with no need of a group controller. Moreover, with our schemes, group members are not required to be on-line constantly for saving the changes to the system.