Issue No.03 - July-September (2009 vol.6)
pp: 188-201
ABSTRACT
Wireless broadcast is an effective approach for disseminating data to a number of users. To provide secure access to data in wireless broadcast services, symmetric-key-based encryption is used to ensure that only users who own the valid keys can decrypt the data. With regard to various subscriptions, an efficient key management for distributing and changing keys is in great demand for access control in broadcast services. In this paper, we propose an efficient key management scheme, namely, key tree reuse (KTR), to handle key distribution with regard to complex subscription options and user activities. KTR has the following advantages. First, it supports all subscription activities in wireless broadcast services. Second, in KTR, a user only needs to hold one set of keys for all subscribed programs instead of separate sets of keys for each program. Third, KTR identifies the minimum set of keys that must be changed to ensure broadcast security and minimize the rekey cost. Our simulations show that KTR can save about 45 percent of communication overhead in the broadcast channel and about 50 percent of decryption cost for each user compared with logical-key-hierarchy-based approaches.
INDEX TERMS
Wireless broadcast, key management, access control, key hierarchy, secure group communication, key distribution.
CITATION
Qijun Gu, Peng Liu, Wang-Chien Lee, Chao-Hsien Chu, "KTR: An Efficient Key Management Scheme for Secure Data Access Control in Wireless Broadcast Services," IEEE Transactions on Dependable and Secure Computing, vol. 6, no. 3, pp. 188-201, July-September 2009, doi:10.1109/TDSC.2008.12