KTR: An Efficient Key Management Scheme for Secure Data Access Control in Wireless Broadcast Services

Qijun Gu; Chao-Hsien Chu; Peng Liu; Wang-Chien Lee

doi:10.1109/TDSC.2008.12

Publication
2009
Issue No. 3 - July-September
Abstract - KTR: An Efficient Key Management Scheme for Secure Data Access Control in Wireless Broadcast Services

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Qijun Gu Articles by Peng Liu Articles by Wang-Chien Lee Articles by Chao-Hsien Chu

KTR: An Efficient Key Management Scheme for Secure Data Access Control in Wireless Broadcast Services

July-September 2009 (vol. 6 no. 3)

pp. 188-201

	ASCII Text	x
	Qijun Gu, Peng Liu, Wang-Chien Lee, Chao-Hsien Chu, "KTR: An Efficient Key Management Scheme for Secure Data Access Control in Wireless Broadcast Services," IEEE Transactions on Dependable and Secure Computing, vol. 6, no. 3, pp. 188-201, July-September, 2009.

	BibTex	x
	@article{ 10.1109/TDSC.2008.12, author = {Qijun Gu and Peng Liu and Wang-Chien Lee and Chao-Hsien Chu}, title = {KTR: An Efficient Key Management Scheme for Secure Data Access Control in Wireless Broadcast Services}, journal ={IEEE Transactions on Dependable and Secure Computing}, volume = {6}, number = {3}, issn = {1545-5971}, year = {2009}, pages = {188-201}, doi = {http://doi.ieeecomputersociety.org/10.1109/TDSC.2008.12}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Dependable and Secure Computing TI - KTR: An Efficient Key Management Scheme for Secure Data Access Control in Wireless Broadcast Services IS - 3 SN - 1545-5971 SP188 EP201 EPD - 188-201 A1 - Qijun Gu, A1 - Peng Liu, A1 - Wang-Chien Lee, A1 - Chao-Hsien Chu, PY - 2009 KW - Wireless broadcast KW - key management KW - access control KW - key hierarchy KW - secure group communication KW - key distribution. VL - 6 JA - IEEE Transactions on Dependable and Secure Computing ER -

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2008.12

Wireless broadcast is an effective approach for disseminating data to a number of users. To provide secure access to data in wireless broadcast services, symmetric-key-based encryption is used to ensure that only users who own the valid keys can decrypt the data. With regard to various subscriptions, an efficient key management for distributing and changing keys is in great demand for access control in broadcast services. In this paper, we propose an efficient key management scheme, namely, key tree reuse (KTR), to handle key distribution with regard to complex subscription options and user activities. KTR has the following advantages. First, it supports all subscription activities in wireless broadcast services. Second, in KTR, a user only needs to hold one set of keys for all subscribed programs instead of separate sets of keys for each program. Third, KTR identifies the minimum set of keys that must be changed to ensure broadcast security and minimize the rekey cost. Our simulations show that KTR can save about 45 percent of communication overhead in the broadcast channel and about 50 percent of decryption cost for each user compared with logical-key-hierarchy-based approaches.

[1] J. Xu, D. Lee, Q. Hu, and W.-C. Lee, “Data Broadcast,” Handbook ofWireless Networks and Mobile Computing, I. Stojmenovic, ed., JohnWiley & Sons, pp. 243-265, 2002.
[2] D. Wallner, E. Harder, and R. Agee, Key Management for Multicast: Issues and Architectures, IETF RFC 2627, 1999.
[3] J. Snoeyink, S. Suri, and G. Varghese, “A Lower Bound for Multicast Key Distribution,” Proc. IEEE INFOCOM '01, vol. 1, pp.422-431, 2001.
[4] S. Mittra, “Iolus: A Framework for Scalable Secure Multicasting,” Proc. ACM SIGCOMM '97, pp. 277-288, 1997.
[5] C.K. Wong, M. Gouda, and S.S. Lam, “Secure Group Communications Using Key Graphs,” Proc. ACM SIGCOMM '98, pp.68-79, 1998.
[6] Y. Kim, A. Perrig, and G. Tsudik, “Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups,” Proc. Seventh ACM Conf. Computer and Comm. Security, pp. 235-244, 2000.
[7] S. Setia, S. Koussih, S. Jajodia, and E. Harder, “Kronos: A Scalable Group Rekeying Approach for Secure Multicast,” Proc. IEEE Symp. Security and Privacy, pp. 215-228, 2000.
[8] Y.R. Yang, X.S. Li, X.B. Zhang, and S.S. Lam, “Reliable Group Rekeying: A Performance Analysis,” Proc. ACM SIGCOMM '01, pp. 27-38, 2001.
[9] M. Onen and R. Molva, “Reliable Group Rekeying with a Customer Perspective,” Proc. IEEE Global Telecom. Conf., vol. 4, pp. 2072-2076, 2004.
[10] B. Briscoe, “Marks: Zero Side Effect Multicast Key Management Using Arbitrarily Revealed Key Sequences,” Proc. First Int'l Workshop Networked Group Comm., pp. 301-320, 1999.
[11] A. Wool, “Key Management for Encrypted Broadcast,” ACM Trans. Information and System Security, vol. 3, no. 2, pp. 107-134, 2000.
[12] M. Just, E. Kranakis, D. Krizanc, and P.V. Oorschot, “On Key Distribution via True Broadcasting,” Proc. Second ACM Conf. Computer and Comm. Security, pp. 81-88, 1994.
[13] M. Luby and J. Staddon, “Combinatorial Bounds for Broadcast Encryption,” Advances in Cryptology—Proc. Int'l Conf. Theory andApplication of Cryptographic Techniques, pp. 512-526, 1998.
[14] A. Fiat and M. Naor, “Broadcast Encryption,” Advances in Cryptology—Proc. Int'l Conf. Theory and Application of Cryptographic Techniques, pp. 480-491, 1994.
[15] C. Blundo and A. Cresti, “Space Requirements for Broadcast Encryption,” Advances in Cryptology—Proc. Int'l Conf. Theory andApplication of Cryptographic Techniques, pp. 471-486, 1994.
[16] D. Naor, M. Naor, and J.B. Lotspiech, “Revocation and Tracing Schemes for Stateless Receivers,” Advances in Cryptology—Proc. 21st Ann. Int'l Cryptology Conf., pp. 41-62, 2001.
[17] Basic Interoperable Scrambling System, http://www.ebu.ch/CMSimages/entec_doc_t3292_tcm6-10493.pdf , 2002.
[18] North American mpeg-2 Information, http://www.coolstf.commpeg/, 2008.
[19] Irdeto Access, http://www.irdeto.comindex.html, 2006.
[20] M.G. Kuhn, “Analysis of the Nagravision Video Scrambling Method,” technical report, Univ. of Cambridge, 1998.
[21] Viaccess, http://www.viaccess.comen/, 2006.
[22] NDS Videoguard: Security, Flexibility, and Growth, http://www. ndsworld.com/conditional_access conditional_access.html, 2006.
[23] R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor, and B. Pinkas, “Multicast Security: A Taxonomy and Some Efficient Constructions,” Proc. IEEE INFOCOM '99, vol. 2, pp. 708-716, 1999.
[24] A. Perrig, D. Song, and D. Tygar, “ELK: A New Protocol for Efficient Large-Group Key Distribution,” Proc. IEEE Symp. Security and Privacy, pp. 247-262, 2001.
[25] C.K. Wong and S.S. Lam, “Keystone: A Group Key Management Service,” Proc. Int'l Conf. Telecomm., 2000.
[26] M. Moyer, J. Rao, and P. Rohatgi, Maintaining Balanced Key Trees for Secure Multicast, draft-irtf-smug-key-tree-balance-00.txt, 1999.
[27] J. Staddon, S. Miner, M. Franklin, D. Balfanz, M. Malkin, and D. Dean, “Self-Healing Key Distribution with Revocation,” Proc. IEEE Symp. Security and Privacy, pp. 241-257, 2002.
[28] Y. Sun and K.R. Liu, “Scalable Hierarchical Access Control in Secure Group Communications,” Proc. IEEE INFOCOM, 2004.

Index Terms:

Wireless broadcast, key management, access control, key hierarchy, secure group communication, key distribution.

Citation:

Qijun Gu, Peng Liu, Wang-Chien Lee, Chao-Hsien Chu, "KTR: An Efficient Key Management Scheme for Secure Data Access Control in Wireless Broadcast Services," IEEE Transactions on Dependable and Secure Computing, vol. 6, no. 3, pp. 188-201, July-Sept. 2009, doi:10.1109/TDSC.2008.12

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.