一种新的基于密钥树、XOR操作及单向函数的组密钥管理方案

摘要

在基于密钥树的组密钥管理方案中引入了XOR操作以及单向函数链,提出了一种新的基于密钥树、XOR操作以及单向函数链的组密钥管理方案,介绍了新方案中初始化、成员加入以及成员退出的操作,将新方案与3种基于密钥树的组密钥管理方案SKDC,LKH,OFT进行了比较,数据表明:就传输、计算以及存储开销而言,新的组密钥管理方案性能最优.分析了新方案的安全性问题,该方案能保证前向以及后向安全性:新加入的组成员不能获得以前的组播报文,而且即使任意多个退出组播组的组成员进行合谋也不能获得以后的组播报文.%By introducing XOR operation and one-way function chains to group key management schemes based on the keys tree, a new group key management scheme based on the keys tree, XOR operation and one-way function chains is proposed. Initialization, member adding and member evicting operations are introduced. The new scheme is compared with three other group key management schemes which are based on the keys tree:SKDC, LKH, and OFT. As far as transmission, computation and storage costs are concerned, the performance of the new group key management scheme is the best. The security problem of the new scheme is analyzed. This new scheme provides backward and forward security, i.e., newly admitted group members cannot read previous multicast messages and evicted members cannot read future multicast messages, even with collusion by many arbitrarily evicted members.