Design of Secure Group Key Management System

초록

Needs of Information Security in Multicast is increased. As clients join or leave a specific service group, Backward and Forward Secrecy problem occurred. Solving this problem, service group will make a re-key operation periodically. But because of this operation need translation frequently, it may have a bad influence to Real time property which needs minimum bandwidth requirement. In this paper, we proposed a Group Key Management System, which is comprised of two levels, KD(Key Distributor) subsystem and subgroup, for managing encryption key. A KD(Key Distributor) subsystem is composed of SKD(Subgroup Key Distributor)s and TKD(Top-level Key Distributor). A SKD manages a encryption key of a subgroup. A TKD generates a KD group key that is a encryption key used in a KD group and transmits it to SKDs with safety. Subgroup consists of hosts in Multicast group. Hosts and a SKD share a encryption key, a subgroup key. This key is generated by a SKD and cannot be disclosed outside of the subgroup. As a result, a load of key management can be distributed into many KD so that the overhead of key translation can be decreased, which is needed at each stage of Multicast traffic. In joining and leaving a Multicast group frequently, a group key is distributed only in a specific subgroup. Therefore the overhead needed to redistribute a key can be decreased. By reducing overhead from security service, we expect to satisfy real time property.