摘要
针对安全多播中密钥更新的可扩展性问题,提出了一种改进的逻辑密钥分层机制.在更新密钥树时,由密钥服务器产生随机数,而多播组成员使用单向散列函数可以直接计算出变动路径中的全部或部分密钥,减少了更新密钥的计算量和在多播信道中的通信量,因此使密钥服务器的平均代价减少约1/3.在此基础上提出了适合于这种改进机制的批处理更新算法,可以对多次成员变动仅进行一次更新操作.实验分析表明,与原机制的批处理更新算法相比,该算法又可使密钥服务器的代价至少减少1/3.因此,采用这种改进机制的批处理更新算法可以进一步提高计算和通信性能.
Aiming at the scalability of rekeying in secure multicast, an improved logic key hierarchy mechanism is proposed. When a key tree is updated, the key server produces random numbers, and all or the part of new keys in update paths are directly calculated by the multicast group members using one-way hash function. Therefore, the burdens of the computation and communication for updating keys through multicast channels are decreased. It is estimated that the key server's average cost can be reduced by about 1/3. A batch update algorithm is also presented in the paper based on the improved scheme, in which changing of members several times can be carried out only by update operation once. It is shown by experiments that the key server's cost of this algorithm can be reduced again at least 1/3. So the performance is further improved when this batch update algorithm is applied to the improved scheme.
出处
《西安交通大学学报》
EI
CAS
CSCD
北大核心
2004年第10期1053-1056,共4页
Journal of Xi'an Jiaotong University
基金
国家自然科学基金资助项目 (60 1 73 0 66)
教育部"教育振兴行动计划"西安交通大学培植项目 (PZ1 2 8)
关键词
安全多播
会话密钥更新
密钥树
单向散列函数
Algorithms
Cryptography
Data privacy
Hierarchical systems
Performance
Security of data