Abstract

Efficiently managing cryptographic keys for large, dynamically changing groups is a difficult problem. Every time a member is evicted from a group, the group key must change; it may also be required to change when new members are added. The members of the group must be able to compute a new key efficiently, while arbitrary coalitions of evicted members must not be able to obtain it. Communication costs must also be considered.
Real-time applications, such as secure audio and visual broadcasts, pay TV, secure conferencing, and military command and control, need very fast re-keying so that changes in group membership are not disruptive. To deal with large group sizes (eg 100,000 members), we seek solutions whose rekeying operations “scale” well in the sense that time, space, and broadcast requirements of the method grow at most logarithmically in the group size. Key management for these applications should be able to take advantage of efficient broadcast channels, such as radio broadcast and Internet multicast.

Date

1999

Authors

David Balenson, David McGrew, Alan Sherman

Pages

28

Publisher

Internet-Draft