A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Key Management for Large Dynamic Groups: One-Way
Function Trees and Amortized Initialization
Author(s) : D. Balenson, D. McGrew, A. Sherman
Filename : draft-irtf-smug-groupkeymgmt-oft-00.txt
Pages : 32
Date : 06-Sep-00
We present and implement a scalable method for establishing
group session keys for secure large, dynamic groups such as
multicast sessions. Our method is based on a novel application
of One-Way Function Trees (OFTs). The number of keys stored by
group members, the number of keys broadcast to the group when
new members are added or evicted, and the computational efforts
of group members, are logarithmic in the number of group members.
The method provides perfect forward and backward security:
evicted members cannot read future messages, even with collusion
by arbitrarily many evicted members, and newly admitted group
members cannot read previous messages. In comparison with the
Logical Key Hierarchy (LKH) of Wallner et al., our algorithm
roughly halves the number of bits that need to be broadcast to
members in order to re-key after a member is added or evicted.
In addition, and unlike LKH, our algorithm has the option of being
member contributory in that members can be allowed to contribute
entropy to the group key. Running on a Pentium with 64 MB of RAM,
our prototype has handled groups with up to 100,000 members.
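As an added illustration (not code from the draft or its authors), the sketch below shows the OFT construction the abstract refers to, as it is usually described: each interior key is a mix of the one-way "blinded" keys of its two children, so a member needs only its own leaf key and one blinded sibling key per tree level. SHA-256 as the one-way function, XOR as the mixing function, the power-of-two group size, and all function and class names are assumptions of this sketch.

```python
import hashlib

def g(k):  # one-way blinding function; SHA-256 is this sketch's assumption
    return hashlib.sha256(b"oft-blind" + k).digest()

def f(a, b):  # mixing function; XOR is this sketch's assumption
    return bytes(x ^ y for x, y in zip(a, b))

class OFT:
    """Key server's view. Heap layout: node i has children 2i and 2i+1."""
    def __init__(self, leaf_keys):
        self.n = len(leaf_keys)  # sketch assumes a power of two
        self.key = [None] * self.n + list(leaf_keys)
        for i in range(self.n - 1, 0, -1):
            self._mix(i)

    def _mix(self, i):  # interior key = f(g(left child), g(right child))
        self.key[i] = f(g(self.key[2 * i]), g(self.key[2 * i + 1]))

    def group_key(self):
        return self.key[1]

    def member_view(self, m):
        """What member m stores: its leaf key and log2(n) blinded sibling keys."""
        i, sibs = self.n + m, []
        while i > 1:
            sibs.append(g(self.key[i ^ 1]))
            i //= 2
        return self.key[self.n + m], sibs

    def rekey_leaf(self, m, new_key):
        """Give leaf slot m a fresh key (slot reused after an eviction or join).
        Returns {node: new blinded key} for the path, root excluded; secure
        delivery of these values to the members is not modelled here."""
        i, changed = self.n + m, {}
        self.key[i] = new_key
        while i > 1:
            changed[i] = g(self.key[i])
            i //= 2
            self._mix(i)
        return changed

def derive_group_key(leaf_key, blinded_siblings):
    """Member side: climb from the leaf to the root using only stored values."""
    k = leaf_key
    for sib in blinded_siblings:
        k = f(g(k), sib)  # XOR is commutative, so left/right order is irrelevant
    return k
```

For a group of 8, each member holds one leaf key and 3 blinded keys, and replacing one leaf changes 3 blinded keys, one per level below the root.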
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-irtf-smug-groupkeymgmt-oft-00.txt
Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
"get draft-irtf-smug-groupkeymgmt-oft-00.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
[EMAIL PROTECTED]
In the body type:
"FILE /internet-drafts/draft-irtf-smug-groupkeymgmt-oft-00.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.