Chinese Remainder Theorem based single and multi-group key management protocols.

摘要

Modern communication network has made information sharing very easy. Information can be transmitted between two users through unicasts, or among a group of users through broadcasts or multicasts. Since most of the communication networks are transmitting information through public media, it brings the need for access control to transmitted data. Cryptographic techniques have been widely used to protect messages exchanged among users. Sharing a common secret, key only among the legitimate information users is the fundamental requirement of current available cryptographic techniques. There are many widely accepted algorithms which are designed to distribute a, shared key to two users. However, it is a challenge to efficiently distribute a common secret key to a group of users.; Researchers have proposed different designs for group key management (GKM). In general GKM protocols need to consider the trade-off between key server side and user side costs, which includes space, computation, and messaging requirements. The currently available representative set of GKM protocols require the key server to do O(log n) of key computation and transmission, and each user to have O(log n) of key space and do O(log n) of key processing, for a group with n users.; In this dissertation, we propose a set of GKM protocols, which are based on the Chinese Remainder Theorem. Each of our protocols is specifically designed for a different scenario. The Fast Chinese Remaindering Group Key Management Protocol is designed for small groups. The Hierarchical Chinese Remaindering Group Key Management Protocol is designed for medium to very large groups. The Chinese Remaindering Multi-Group Key Management Protocol is provided to manage multiple groups simultaneously. In general our protocols optimize the number of re-key message and user-side key computation and storage to O(1), and require the server to do O(n) computation for a small group and the server and subgroup controllers to do O(m) computation for a large group, where n is the group size and m is the average subgroup size. Additionally, the main computation of our protocols only involves XOR, modulo arithmetic, and multiplication. While, other protocols use encryption, decryption, and hashing, which are slower since those computations involve multiple rounds of the basic operations (XOR, multiplication, modulo, and so on). Security analysis has shown that our protocols satisfy all of the three security requirements of group communication: forward secrecy, backward secrecy, and counter collusion attack. Our protocols have also been demonstrated to be practically deployable by our simulated performance evaluation.