Key Establishment in Large Dynamic Groups Using One-Way Function Trees
| dc.contributor.author | Sherman, Alan T. | |
| dc.contributor.author | McGrew, David A. | |
| dc.date.accessioned | 2019-02-19T16:45:33Z | |
| dc.date.available | 2019-02-19T16:45:33Z | |
| dc.date.issued | 2003-05-21 | |
| dc.description | IEEE Transactions on Software Engineering | |
| dc.description.abstract | We present, implement, and analyze a new scalable centralized algorithm, called OFT, for establishing shared cryptographic keys in large, dynamically changing groups. Our algorithm is based on a novel application of one-way function trees. In comparison with the top-down logical key hierarchy (LKH) method of Wallner et al., our bottom-up algorithm approximately halves the number of bits that need to be broadcast to members in order to rekey after a member is added or evicted. The number of keys stored by group members, the number of keys broadcast to the group when new members are added or evicted, and the computational efforts of group members, are logarithmic in the number of group members. Among the hierarchical methods, OFT is the first to achieve an approximate halving in broadcast length, an idea on which subsequent algorithms have built. Our algorithm provides complete forward and backward security: Newly admitted group members cannot read previous messages, and evicted members cannot read future messages, even with collusion by arbitrarily many evicted members. In addition, and unlike LKH, our algorithm has the option of being member contributory in that members can be allowed to contribute entropy to the group key. Running on a Pentium II, our prototype has handled groups with up to 10 million members. This algorithm offers a new scalable method for establishing group session keys for secure large-group applications such as broadcast encryption, electronic conferences, multicast sessions, and military command and control. | en |
| dc.description.sponsorship | Support for this research was provided in part by the Defense Advanced Research Projects Agency under contract F30602-97-C-0277. | en |
| dc.description.uri | https://ieeexplore.ieee.org/document/1199073 | en |
| dc.format.extent | 13 pages | en |
| dc.genre | conference papers and proceedings preprints | en |
| dc.identifier | doi:10.13016/m2sfti-7zee | |
| dc.identifier.citation | Alan T. Sherman and David A. McGrew, Key Establishment in Large Dynamic Groups Using One-Way Function Trees, IEEE Transactions on Software Engineering, VOL. 29, NO. 5, MAY 2003, DOI: 10.1109/TSE.2003.1199073 | en |
| dc.identifier.uri | http://doi.org/10.1109/TSE.2003.1199073 | |
| dc.identifier.uri | http://hdl.handle.net/11603/12820 | |
| dc.language.iso | en | en |
| dc.publisher | IEEE | en |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Center for Research and Exploration in Space Sciences & Technology II (CRSST II) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | |
| dc.rights | © 2003 IEEE | |
| dc.subject | broadcast encryption | en |
| dc.subject | conference keying | en |
| dc.subject | cryptography | en |
| dc.subject | cryptographic protocols | en |
| dc.subject | Dynamic Cryptographic Context Management (DCCM) Project | en |
| dc.subject | group keying | en |
| dc.subject | key agreement | en |
| dc.subject | key establishment | en |
| dc.subject | key management | en |
| dc.subject | logical key hierarchy (LKH) | en |
| dc.subject | one-way functions | en |
| dc.subject | one-way function chain (OFC) | en |
| dc.subject | one-way function tree (OFT) | en |
| dc.subject | secure conferences | en |
| dc.subject | secure group applications | en |
| dc.title | Key Establishment in Large Dynamic Groups Using One-Way Function Trees | en |
| dc.type | Text | en |