Abstract

The group key management problem is an important research area in multicast communication security field. The one-way function tree (OFT) scheme proposed by Balenson et al. is widely regarded as an efficient key management solution for multicast communication in large dynamic groups. Following Horng's claim that the original OFT scheme was vulnerable to a collusion attack, Ku et al. proposed a solution to prevent the attack. The solution, however, requires to broadcast about h 2 + h ( h is the height of the key tree) keys for every eviction operation, whereas the original OFT scheme only requires about h keys. This modified OFT scheme thus loses a key advantage that the original OFT has over the logical key hierarchy (LKH) scheme, that is a halving in broadcast size. In this thesis, we revisit collusion attacks on the OFT scheme. We generalize the examples of attacks given by Horng and Ku et al. to a generic collusion attack on OFT, and derive necessary and sufficient conditions for such an attack to exist. We then show a solution for preventing collusion attacks while minimizing the average broadcast size. Our simulation results show that the proposed solution outperforms LKH in many cases and it has an improved performance over Ku and Chen's scheme. This performance gain is due to the fact that our method requires additional key updates only when attacks become possible. We also extend our analysis for the case where only the root (group) key needs to be protected. Using this relaxed security assumption, a more efficient key updating scheme is proposed and analyzed. Our simulation results confirm that if only the group key needs to be protected, the proposed OFT-based scheme outperforms LKH in all cases