Abstract
In an open network such as the Internet, multicast security services typically start with group session-key distribution. Considering scalability for group communication among widely-distributed members, we can find a currently-leading approach based on a CBT (Core-Based Tree) routing protocol, where Group Key Distribution Centers (GKDCs) are dynamically constructed during group-member joining process.
In search of practical use of it, this paper first analyzes the CBT protocol in terms of its efficiency as well as security management. Then the paper proposes several improvements on the protocol with an aim to solve the problem identified. In particular, (1) an overuse of encryption and signatures is avoided and (2) a hybrid trust model is introduced by a simple mechanism for controling the GKDC distribution. A comprehensive comparison among the costs of several implementations is also carried out.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Atkinson R. J.: Toward a More Secure Internet, IEEE Computer 30 (1997) 57–61
Oppliger R.: Internet Security: Firewalls and Beyond, Comm. ACM 40 (1997) 92–102
Fenner W.: Internet Group Management Protocol, Version 2., RFC2236 (1997)
Estrin D., et. al.: Protocol Independent Multicast-Sparse Mode (PIM-SM): Protocol Specification, RFC2117 (1997)
Ballardie T., Francis P., and Crowcroft J.: An Architecture for Scalable Inter-Domain Multicast Routing, Proc. of ACM SIGCOMM (1993) 85-95
Ballardie A.: Core Based Trees (CBT version 2) Multicast Routing — Protocol Specification —, RFC2189 (1997)
Ballardie A.: Core Based Trees (CBT) Multicast Routing Architecture, RFC2201 (1997)
Billhartz T., et. al.: Performance and Resource Cost Comparisons for the CBT and PIM Multicast Routing Protocols, IEEE Journal on Selected Area in Communications 15 (1997) 304–315
Ballardie A.: Scalable Multicast Key Distribution, RFC1949 (1996)
Moy J.: Multicast Routing Extensions for OSPF, Comm. ACM 37 (1994) 61–66
Eastlake D. 3rd and Kaufman C.: Domain Name System Security Extensions, RFC2065 (1997)
Berners-Lee T., et. al.: The World-Wide-Web, Comm. ACM 37 (1994) 76–82
Maughan D., et. al.: Internet Security Association and Key Management Protocol (ISAKMP), (work in progress).
Karn P. and Simpson W. A.: Photuris: Session-Key Management Protocol, (work in progress).
Stinson D. R.: CRYPTOGRAPHY: Theory and Practice, CRC Press (1995)
Zheng Y.: Digital Signcryption or How to Achieve Cost(Signature & Encryption) ≪ Cost(Signature) + Cost (Encryption), Lecture Notes in Computer Science 1294, Springer-Verlag (1997) 165–179
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Matsuura, K., Zheng, Y., Iman, H. (1998). Compact and flexible resolution of CBT multicast key-distribution. In: Masunaga, Y., Katayama, T., Tsukamoto, M. (eds) Worldwide Computing and Its Applications — WWCA'98. WWCA 1998. Lecture Notes in Computer Science, vol 1368. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-64216-1_49
Download citation
DOI: https://doi.org/10.1007/3-540-64216-1_49
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64216-9
Online ISBN: 978-3-540-69704-6
eBook Packages: Springer Book Archive