A Taxonomy of Group Key Management Protocols: Issues and Solutions
Group key management is an important functional
building block for any secure multicast architecture.
Thereby, it has been extensively studied in the literature.
In this paper we present relevant group key management
protocols. Then, we compare them against some pertinent
performance criteria.
[1] D. Balenson, D. McGrew, and A. Sherman. Key Manage-
ment for Large Dynamic Groups : One-Way Function Trees
and Amortized Initialization. draft-balenson-groupkeymgmt-
oft-00.txt, February 1999. Internet-Draft.
[2] A. Ballardie. Scalable Multicast Key Distribution, May 1996.
RFC 1949.
[3] A. Ballardie. Core Based Trees (CBT version 2) Multicast Rout-
ing protocol specification, September 1997. RFC 2189.
[4] T. Ballardie, I.P. Francis, and J. Crowcroft. Core Based Trees:
an Architecture for Scalable Inter-domain Multicast Routing.
ACM SIGCOMM, pages 85-95, 1993.
[5] C. Becker and U. Wille. Communication complexity of group
key distribution. 5th ACM Conference on Computerand Com-
munications Security, Nowember 1998.
[6] C. Boyd. On key agreement and conference key agreement.
Information Security and Privacy: Australasian Conference,
LNCS(1270):294-302, 1997.
[7] B. Briscoe. MARKS: Multicast key management using arbi-
trarily revealed key sequences. 1st International Workshop on
Networked Group Communication, November 1999.
[8] M. Burmester and Y. Desmedt. A secure and efficient conference
key distribution system. EUROCRYP-94, LNCS(950):275-286,
1994
[9] R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor, and
B. Pinkas. Multicast Security: A taxonomy and Efficient Con-
structions. IEEE INFOCOM, pages 708-716, March 1999.
[10] G. Chaddoud, I. Chrisment, and A. Shaff. Dynamic Group Com-
munication Security. 6th IEEE Symposium on computers and
communication, 2001.
[11] G. H. Chiou and W. T. Chen. Secure Broadcast using Secure
Lock. IEEE Transactions on Software Engineering, 15(8):929-
934, August 1989.
[12] H.H. Chu, L. Qiao, and K. Nahrstedt. A Secure Multicast Pro-
tocol with Copyright Protection. ACM SIGCOMM Computer
Communications Review, 32(2):42:60, April 2002.
[13] B. DeCleene, L. Dondeti, S. Griffin, T. Hardjono, D. Kiwior,
J. Kurose, D. Towsley, S. Vasudevan, and C. Zhang. Secure
group communications for wireless networks. MILCOM, June
2001.
[14] W. Diffie and M.E. Hellman. New directions in cryptogra-
phy. IEEE Transactions on Information Theory, IT-22:644-654,
November 1976.
[15] L. Dondeti, S. Mukherjee, and A. Samal. A distributed group
key management scheme for secure many-to-many communica-
tion. Technical Report PINTL-TR-207-99, 1999.
[16] L. R. Dondeti, S. Mukherjee, and A. Samal. Scalable secure one-
to-many group communication using dual encryption. Computer
Communications, 23(17):1681-1701, November 2000.
[17] L.R. Dondeti, S. Mukherjee, and A. Samal. Comparison of Hi-
erarchical Key Distribution Schemes. IEEE Globcom Global In-
ternet Symposium, 1999.
[18] L.R. Dondeti, S. Mukherjee, and A. Samal. Survey and Compar-
ison of Secure Group Communication Protocols, 1999. Technical
Report.
[19] T. Dunigan and C. Cao. Group Key Management. Technical
Report ORNL/TM-13470, 1998.
[20] A. Fiat and M. Naor. Broadcast Encryption. CRYPTO-93,
LNCS(773):480-491, 1993.
[21] L. Gong and N. Shacham. Trade-offs in Routing Private Multi-
cast Traffic. GLOBECOM-95, November 1995.
[22] T. Hardjono, B. Cain, and I. Monga. Intra-domain Group
Key Management for Multicast Security. IETF Internet draft,
September 2000.
[23] H. Harney and C. Muckenhirn. Group Key Management Pro-
tocol (GKMP) Architecture, July 1997. RFC 2093.
[24] H. Harney and C. Muckenhirn. Group Key Management Pro-
tocol (GKMP) Specification, July 1997. RFC 2094.
[25] I. Ingemarson, D. Tang, and C. Wong. A Conference Key Dis-
tribution System. IEEE Transactions on Information Theory,
28(5):714-720, September 1982.
[26] Y. Kim, A. Perrig, and G. Tsudik. Simple and fault-tolerant
Key Agreement for Dynamic Collaborative groups. 7th ACM
Conference on Computer and Communications Security, pages
235-244, November 2000.
[27] Y. Kim, A. Perrig, and G. Tsudik. Communication-Efficient
group Key Agreement. IFIP SEC, June 2001.
[28] D.A. McGrew and A.T. Sherman. Key Establishement in Large
Dynamic Groups using One-way Function Trees. Technical Re-
port TR-0755, May 1998.
[29] S. Mittra. Iolus : A Framework for Scalable Secure Multicasting.
ACM SIGCOMM, 1997.
[30] R. Molva and A. Pannetrat. Scalable Multicast Security in dy-
namic groups. 6th ACM Conference on Computer and Commu-
nication Security, November 1999.
[31] R. Mukherjee and J.W. Atwood. Proxy Encryptions for Secure
Multicast Key Management. IEEE Local Computer Networks -
LCN-03, October 2003.
[32] R. Mukherjee and J.W. Atwood. SIM-KM: Scalable Infrastruc-
ture for Multicast Key Management. IEEE Local Computer
Networks - LCN-04, pages 335-342, November 2004.
[33] R. Oppliger and A. Albanese. Distributed registration and key
distribution (DiRK). Proceedings of the 12th International Con-
ference on Information Security IFIP SEC-96, 1996.
[34] A. Perrig. Efficient Collaborative key Management protocols
for Secure Autonomous Group Communication. International
Workshop on Cryptographic techniques and E-commerce, 1999.
[35] A. Perrig, D. Song, and J.D. Tygar. ELK, a new protocol for
Efficient Large-group Key distribution. IEEE Security and Pri-
avcy Symposium, May 2001.
[36] R. Poovendram, S. Ahmed, S. Corson, and J. Baras. A Scalable
Extension of Group Key Management Protocol. 2nd Annual
ATRIP Conference, pages 187-191, February 1998.
[37] S. Rafaeli and D. Hutchison. Hydra: a decentralized group key
management. 11th IEEE International WETICE: Enterprise
Security Workshop, June 2002.
[38] R. Rivest. The MD5 Message-Digest Algorithm, April 1992.
RFC 1321.
[39] O. Rodeh, K. Birman, and D. Dolev. Optimized group rekey for
group communication systems. Network and Distributed System
Security, February 2000.
[40] S. Setia, S. Koussih, S. Jajodia, and E. Harder. Kronos: A
scalable group re-keying approach for secure multicast. IEEE
Symposium on Security and Privacy, May 2000.
[41] C. Shields and J.J. Garcia-Luna-Aceves. The Ordered Core
Based Tree Protocol. IEEE INFOCOM-97, April 1997.
[42] C. Shields and J.J. Garcia-Luna-Aceves. KHIP-A scalable pro-
tocol for secure multicast routing. ACM SIGCOMM Computer
Communication Review, 29(4):53-64, October 1999.
[43] D. Steer, L.L. Strawczynski, W. Diffie, and M. Weiner. A Secure
Audio Teleconference System. CRYPTO-88, 1988.
[44] M. Steiner, G. Tsudik, and M. Waidner. Diffie-Hellman key dis-
tribution extended to group communication. 3rd ACM Confer-
ence on Computer and Communications Security, pages 31-37,
March 1996.
[45] M. Waldvogel, G. Caronni, D. Sun, N. Weiler, , and B. Plattner.
The VersaKey Framework : Versatile Group Key Management.
IEEE Journal on Selected Areas in Communications (Special
Issues on Middleware), 17(8):1614-1631, August 1999.
[46] D. Wallner, E. Harder, and R. Agee. Key Management for
Multicast : Issues and Architecture. National Security Agency,
June 1999. RFC 2627.
[47] C. K. Wong, M. Gouda, and S. S. Lam. Secure Group Commu-
nications Using Key Graphs. ACM SIGCOMM, 1998.
[48] C. K. Wong, M. Gouda, and S. S. Lam. Secure Group Com-
munications Using Key Graphs. IEEE/ACM Transactions on
Networking, 8(1):16-30, February 2000.
[49] C.K. Wong and S.S. Lam. Keystone: A group Key Management
Service. International Conference on Telecommunication, May
2000.
[50] Y.R. Yang, X.S. Li, X.B. Zhang, and S.S. Lam. Reliable Group
Rekeying: A Performance Analysis. TR-01-21, June 2001.
[1] D. Balenson, D. McGrew, and A. Sherman. Key Manage-
ment for Large Dynamic Groups : One-Way Function Trees
and Amortized Initialization. draft-balenson-groupkeymgmt-
oft-00.txt, February 1999. Internet-Draft.
[2] A. Ballardie. Scalable Multicast Key Distribution, May 1996.
RFC 1949.
[3] A. Ballardie. Core Based Trees (CBT version 2) Multicast Rout-
ing protocol specification, September 1997. RFC 2189.
[4] T. Ballardie, I.P. Francis, and J. Crowcroft. Core Based Trees:
an Architecture for Scalable Inter-domain Multicast Routing.
ACM SIGCOMM, pages 85-95, 1993.
[5] C. Becker and U. Wille. Communication complexity of group
key distribution. 5th ACM Conference on Computerand Com-
munications Security, Nowember 1998.
[6] C. Boyd. On key agreement and conference key agreement.
Information Security and Privacy: Australasian Conference,
LNCS(1270):294-302, 1997.
[7] B. Briscoe. MARKS: Multicast key management using arbi-
trarily revealed key sequences. 1st International Workshop on
Networked Group Communication, November 1999.
[8] M. Burmester and Y. Desmedt. A secure and efficient conference
key distribution system. EUROCRYP-94, LNCS(950):275-286,
1994
[9] R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor, and
B. Pinkas. Multicast Security: A taxonomy and Efficient Con-
structions. IEEE INFOCOM, pages 708-716, March 1999.
[10] G. Chaddoud, I. Chrisment, and A. Shaff. Dynamic Group Com-
munication Security. 6th IEEE Symposium on computers and
communication, 2001.
[11] G. H. Chiou and W. T. Chen. Secure Broadcast using Secure
Lock. IEEE Transactions on Software Engineering, 15(8):929-
934, August 1989.
[12] H.H. Chu, L. Qiao, and K. Nahrstedt. A Secure Multicast Pro-
tocol with Copyright Protection. ACM SIGCOMM Computer
Communications Review, 32(2):42:60, April 2002.
[13] B. DeCleene, L. Dondeti, S. Griffin, T. Hardjono, D. Kiwior,
J. Kurose, D. Towsley, S. Vasudevan, and C. Zhang. Secure
group communications for wireless networks. MILCOM, June
2001.
[14] W. Diffie and M.E. Hellman. New directions in cryptogra-
phy. IEEE Transactions on Information Theory, IT-22:644-654,
November 1976.
[15] L. Dondeti, S. Mukherjee, and A. Samal. A distributed group
key management scheme for secure many-to-many communica-
tion. Technical Report PINTL-TR-207-99, 1999.
[16] L. R. Dondeti, S. Mukherjee, and A. Samal. Scalable secure one-
to-many group communication using dual encryption. Computer
Communications, 23(17):1681-1701, November 2000.
[17] L.R. Dondeti, S. Mukherjee, and A. Samal. Comparison of Hi-
erarchical Key Distribution Schemes. IEEE Globcom Global In-
ternet Symposium, 1999.
[18] L.R. Dondeti, S. Mukherjee, and A. Samal. Survey and Compar-
ison of Secure Group Communication Protocols, 1999. Technical
Report.
[19] T. Dunigan and C. Cao. Group Key Management. Technical
Report ORNL/TM-13470, 1998.
[20] A. Fiat and M. Naor. Broadcast Encryption. CRYPTO-93,
LNCS(773):480-491, 1993.
[21] L. Gong and N. Shacham. Trade-offs in Routing Private Multi-
cast Traffic. GLOBECOM-95, November 1995.
[22] T. Hardjono, B. Cain, and I. Monga. Intra-domain Group
Key Management for Multicast Security. IETF Internet draft,
September 2000.
[23] H. Harney and C. Muckenhirn. Group Key Management Pro-
tocol (GKMP) Architecture, July 1997. RFC 2093.
[24] H. Harney and C. Muckenhirn. Group Key Management Pro-
tocol (GKMP) Specification, July 1997. RFC 2094.
[25] I. Ingemarson, D. Tang, and C. Wong. A Conference Key Dis-
tribution System. IEEE Transactions on Information Theory,
28(5):714-720, September 1982.
[26] Y. Kim, A. Perrig, and G. Tsudik. Simple and fault-tolerant
Key Agreement for Dynamic Collaborative groups. 7th ACM
Conference on Computer and Communications Security, pages
235-244, November 2000.
[27] Y. Kim, A. Perrig, and G. Tsudik. Communication-Efficient
group Key Agreement. IFIP SEC, June 2001.
[28] D.A. McGrew and A.T. Sherman. Key Establishement in Large
Dynamic Groups using One-way Function Trees. Technical Re-
port TR-0755, May 1998.
[29] S. Mittra. Iolus : A Framework for Scalable Secure Multicasting.
ACM SIGCOMM, 1997.
[30] R. Molva and A. Pannetrat. Scalable Multicast Security in dy-
namic groups. 6th ACM Conference on Computer and Commu-
nication Security, November 1999.
[31] R. Mukherjee and J.W. Atwood. Proxy Encryptions for Secure
Multicast Key Management. IEEE Local Computer Networks -
LCN-03, October 2003.
[32] R. Mukherjee and J.W. Atwood. SIM-KM: Scalable Infrastruc-
ture for Multicast Key Management. IEEE Local Computer
Networks - LCN-04, pages 335-342, November 2004.
[33] R. Oppliger and A. Albanese. Distributed registration and key
distribution (DiRK). Proceedings of the 12th International Con-
ference on Information Security IFIP SEC-96, 1996.
[34] A. Perrig. Efficient Collaborative key Management protocols
for Secure Autonomous Group Communication. International
Workshop on Cryptographic techniques and E-commerce, 1999.
[35] A. Perrig, D. Song, and J.D. Tygar. ELK, a new protocol for
Efficient Large-group Key distribution. IEEE Security and Pri-
avcy Symposium, May 2001.
[36] R. Poovendram, S. Ahmed, S. Corson, and J. Baras. A Scalable
Extension of Group Key Management Protocol. 2nd Annual
ATRIP Conference, pages 187-191, February 1998.
[37] S. Rafaeli and D. Hutchison. Hydra: a decentralized group key
management. 11th IEEE International WETICE: Enterprise
Security Workshop, June 2002.
[38] R. Rivest. The MD5 Message-Digest Algorithm, April 1992.
RFC 1321.
[39] O. Rodeh, K. Birman, and D. Dolev. Optimized group rekey for
group communication systems. Network and Distributed System
Security, February 2000.
[40] S. Setia, S. Koussih, S. Jajodia, and E. Harder. Kronos: A
scalable group re-keying approach for secure multicast. IEEE
Symposium on Security and Privacy, May 2000.
[41] C. Shields and J.J. Garcia-Luna-Aceves. The Ordered Core
Based Tree Protocol. IEEE INFOCOM-97, April 1997.
[42] C. Shields and J.J. Garcia-Luna-Aceves. KHIP-A scalable pro-
tocol for secure multicast routing. ACM SIGCOMM Computer
Communication Review, 29(4):53-64, October 1999.
[43] D. Steer, L.L. Strawczynski, W. Diffie, and M. Weiner. A Secure
Audio Teleconference System. CRYPTO-88, 1988.
[44] M. Steiner, G. Tsudik, and M. Waidner. Diffie-Hellman key dis-
tribution extended to group communication. 3rd ACM Confer-
ence on Computer and Communications Security, pages 31-37,
March 1996.
[45] M. Waldvogel, G. Caronni, D. Sun, N. Weiler, , and B. Plattner.
The VersaKey Framework : Versatile Group Key Management.
IEEE Journal on Selected Areas in Communications (Special
Issues on Middleware), 17(8):1614-1631, August 1999.
[46] D. Wallner, E. Harder, and R. Agee. Key Management for
Multicast : Issues and Architecture. National Security Agency,
June 1999. RFC 2627.
[47] C. K. Wong, M. Gouda, and S. S. Lam. Secure Group Commu-
nications Using Key Graphs. ACM SIGCOMM, 1998.
[48] C. K. Wong, M. Gouda, and S. S. Lam. Secure Group Com-
munications Using Key Graphs. IEEE/ACM Transactions on
Networking, 8(1):16-30, February 2000.
[49] C.K. Wong and S.S. Lam. Keystone: A group Key Management
Service. International Conference on Telecommunication, May
2000.
[50] Y.R. Yang, X.S. Li, X.B. Zhang, and S.S. Lam. Reliable Group
Rekeying: A Performance Analysis. TR-01-21, June 2001.
@article{"International Journal of Information, Control and Computer Sciences:58717", author = "Yacine Challal and Abdelmadjid Bouabdallah and Hamida Seba", title = "A Taxonomy of Group Key Management Protocols: Issues and Solutions", abstract = "Group key management is an important functional
building block for any secure multicast architecture.
Thereby, it has been extensively studied in the literature.
In this paper we present relevant group key management
protocols. Then, we compare them against some pertinent
performance criteria.", keywords = "Multicast, Security, Group Key Management.", volume = "1", number = "6", pages = "1708-13", }
