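Abstract
A growing number of applications require a group communication model. A key management scheme for secure group communication is designed using the geometric properties of circles in multidimensional space. The scheme has three phases: user registration, distribution of group key shadows, and computation of the group key by members. In the user registration phase, each member comes to share a long-term secret with the group manager. In the shadow distribution phase, the group manager uses a geometric method to assign each member a group key shadow. In the group key computation phase, a member reconstructs the circle from the public information on the bulletin board and its own private information, and thereby obtains the group key. Building on this simple group key distribution scheme, a binary key tree is constructed for group key distribution: the computational cost of a group key update drops from O(m) to O(log(m)), the public information does not need to change, and no secure channel is required, which makes the scheme scalable.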
Many emerging applications are based upon a group communications model. A new group key management scheme for a secure group communication system based on a geometric approach was proposed. The proposed scheme can be divided into three phases: user registration, group key assignment, and group key computation. In the user registration phase, the group manager computes and gives a secret to the new user based on geometric approaches over a secure channel. In the group key assignment phase, the group manager first constructs a secret circle using the group key. Then it computes a shadow of the group key for each member based on the member's private key. Finally, each member obtains an additional secret point based on his private key. The member reconstructs the secret circle from its shadow and the public information, and then obtains the group key in the group key computation phase. Based on a simple scheme of group key management, a binary tree of keys is set up to redesign the scheme and demonstrate it. The computational complexity of rekeying decreases from O(m) to O(log(m)). The public information on the note board stays the same. No secure channel is needed when the group key is updated. So this scheme is scalable.
Source
Computer Science (《计算机科学》)
CSCD
Peking University Core Journal (北大核心)
2009, No. 11, pp. 101-105, 119 (6 pages)
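Funding
National "863" Program of China (2007AA01Z424)
National Natural Science Foundation of China (60572139)
National Key Technology R&D Program of China (2007BAH13B03)
Program for New Century Excellent Talents in University, Ministry of Education (NCET-06-0744)
Fok Ying Tung Education Foundation (101069)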
Keywords
Group key distribution
Secure group communication
Geometric method
N-dimensional space
Binary tree
Group key management, Secure group communication, Geometric approach, n-dimensional space, Binary tree