Rekeying in secure mobile multicast communications

摘要

A method of inter-area rekeying of encryption keys in secure mobile multicast communications, in which a Domain Group Controller Key Server (Domain GCKS) distributes Traffic Encryption Keys (TEK) to local Group Controller Key Servers (local GCKS) serving respective group key management areas. The local Group Controller Key Servers forward the Traffic Encryption Keys, encrypted using Key Encryption Keys (KEKi, KEKj) that are specific to the respective local Group Controller Key Server (local GCKSi, GCKSj), to group members situated in the respective group key management areas. The local Group Controller Key Servers (GCKSi, GCKSj) constitute Extra Key Owner Lists (EKOLi, EKOLj) for the group key management areas (areai, areaj). The EKOLi list tracks group members (MMij) possessing Key Encryption Keys (KEKi) that were situated in the corresponding group key management area (areai) but are visiting another area (areaj), The local Group Controller Key Servers forward the Traffic Encryption Keys (TEK) to group members (MMij) visiting the respective group key management areas (areaj) encrypted using a Visitor Encryption Key (VEKj) that is specific to the respective local Group Controller Key Server (GCKSj) and is different from the Key Encryption Key (KEKj). The local Group Controller Key Servers (GCKSi, GCKSj) also constitute Visitor Key Owner Lists (VKOLi, VKOLj). The VKOLi list tracks group members (MMij) possessing Visitor Encryption Keys (VEKi) that were situated in the corresponding group key management area (areai) but are visiting another area (areaj).