This document describes a key management mechanism for multicastcommunication sessions that is based on the 'Subset-Difference'algorithm. The Subset-Difference algorithm is a new revocationscheme which allows a Center (such as a Group Controller/ Key Manager)to send a message so that *every* authorized receiver, butnone of the revoked receivers, can decrypt. This message consists of only 2rkeys, where r is the number of revoked group members.In this draft we first describe this new revocation scheme, andthen then discuss how it can be used for key managementin Secure Multicast applications. Its main advantage is that iteliminates the need for a mechanism that allows individual updates incase a user did not receive or did not perform the required re-keingoperations. This is particularly useful in settings with unreliablecommunication or high rates of packet loss. It also providesan elegant and efficient solution for the backward secrecyproblem. The algorithm guarantees complete secure multicastcommunication even if all revoked users (non group-members)collude their keys.
展开▼
