Issue No.10 - October (2009 vol.58)
pp: 1421-1434
Abdulhadi Shoufan, Technische Universitaet Darmstadt, Darmstadt
Sorin A. Huss, Technische Universitaet Darmstadt, Darmstadt
ABSTRACT
Group key management is a critical task in secure multicast applications such as Pay-TV over the Internet. The communication group key must be updated and distributed after every change in the group membership. Many solutions have been proposed in recent years to minimize the cost of this rekeying process on the server side. Most of these solutions are tree-based approaches such as the logical key hierarchy. These approaches suffer from three problems. First, tree-based solutions aim at minimizing rekeying costs only by reducing the number of needed cryptographic operations such as encryption or secure hashing. Second, these solutions do not treat the time-consuming digital signing needed to authenticate rekeying messages. Third, tree-based approaches manage huge amounts of keys in software, which compromises security. In this paper, a novel hardware/software architecture is proposed, which optimizes the rekeying performance not only by minimizing the number of cryptographic operations, but also by reducing the execution times of these operations, including digital signing, with the aid of hardware acceleration. All help-keys are generated, managed, and stored in hardware, which enhances the system security. To keep flexibility, control-intensive tasks such as tree management are performed as software functions on the embedded processor. The presented rekeying processor is designed based on a comprehensive security analysis with the aid of a novel illustration for security threats, requirements, and technical solutions, a so-called Security Y-Diagram. A performance measurement on a prototype implementation shows that the rekeying processor can join and disjoin members much faster than software solutions, besides supporting much larger groups.
INDEX TERMS
Multicast security, group rekeying, application-specific processor, HW/SW codesign.
CITATION
Abdulhadi Shoufan, Sorin A. Huss, "High-Performance Rekeying Processor Architecture for Group Key Management", IEEE Transactions on Computers, vol. 58, no. 10, pp. 1421-1434, October 2009, doi:10.1109/TC.2009.88