群密钥分配的动态安全性及其方案

相对于端到端的通信、安全群组通信更为复杂,从基本算法,系统及安全协议到安全实现都存在需解决的问题,安全群通信的一个基本方法是所有群成员共享一个群密钥、如何将群密钥安全有效地分配给群组的成员是安全群通信应用的一个基本问题,它的难点在于群线的动态性,针对该问题,目前已提出了各种解决方案,这些方案大致可分为两类：集中式管理和分布式管理,现有的群密钥分配方案分析,该文提出了可扩展的安全群密钥分配方案的教学模型,基于该模型形式地定义了群密钱分配的动态安全性,现有群密钥分本的数学描述只能刻画群密钥分配静态的安全性,与之相比该文提出的模型是更为实用的。随后,定义了群密钥分配方案的方法,作为这种构造方法的应用实例,提出了一个新的适用于大数量的,动态组播群组的群密钥分配方案,该方案采用分层管理结构,可高效地处理群成员的动态加入和退出,在单向函数假设条件下,它的安全性是可证明的,不依赖计算复杂性密码学假设,该方案中可以通过设立了群管理员分散对成员的管理,降低群中心管理员的负担,因而,可灵活应用于集中式和分布式的应用环境。

Dynamic Security of Group Key Distribution and Its Solutions

Secure group communication is more complicated than peer to peer communication, and poses a number of challenges ranging from basic algorithms, systems and secure protocols to secure implementation. One standard approach to secure group communication is to have a group key shared by every group member. It is an essential problem for secure group communication applications to distribute securely and efficiently the group key to every group member. The difficulty of this problem is due to group dynamics. To solve the problem, many solutions have been proposed, which can mainly be classified into two kinds: centralized key management and distributed key management. In this paper, by analyzing the existing schemes of group key distribution, we propose a mathematical model for scalable secure group key distribution schemes, and the dynamic security of group key distribution is formally defined based on this model. The model is more practical by noting that existing formal models are only capable of characterizing the "static" security. Furthermore, a composition operation for group key distribution schemes is introduced, and a sufficient condition that preserves the security under the composition operation is given. Then it develops an approach for constructing secure scalable group key distribution schemes. As a practical example for applying this approach, a new group key distribution scheme for large and dynamic multicast groups is proposed. The scheme proposed in this paper is based on hierarchical management and can efficiently handle the joining and leaving of group members. Its security is provable under the assumption of one way function and independent of the computational complexity of cryptography. In the scheme subgroup managers may be introduced to distribute the management for group members and reduce the overhead of the group center manager. Alternatively, the scheme can be applied to centralized and distributed environments.