Two-level controllers hierarchy for a scalable and distributed multicast security protocol

• Published in: Computers & security Vol. 24; no. 5; pp. 399 - 408
• Main Author: Aslan, Heba K.
• Format: Journal Article
• Language: English
• Published: Amsterdam Elsevier Ltd 01.08.2005; Elsevier Sequoia S.A
• Subjects: Boolean tree and logical key hierarchy; Centralized approaches; Communication; Data encryption; Distributed approaches; Group key distribution protocols; Internet Protocol; Network security; Protocol; Studies; Boolean tree and logical key hierarchy; Centralized approaches; Group key distribution protocols; Distributed approaches
• ISSN: 0167-4048; 1872-6208
• DOI: 10.1016/j.cose.2005.01.003

LKH protocols are considered one of the best solutions proposed for solving the scalability of multicast security protocols. It has been proved that binary trees have the best computation and communication overheads. For a binary tree, the computation and communication overheads – in case of a member join or leave – of LKH protocols is about 2 h encryption operations, where h represents the tree height. Many enhancements to LKH protocols are proposed in order to lower the computation and communication overheads. One of these solutions, a protocol that we named CEKPS protocol achieves a lower computation overhead, which is about h encryption operations and h one-way functions. In addition, its communication overhead is h messages. The abovementioned protocols rely on one manager, which could represent a bottleneck in case of a group with large number of members and where many join/leave operations occur. In the present paper, we propose a protocol for a scalable and distributed multicast security protocol. The aim of the proposed protocol is to achieve a lower computation overhead compared to CEKPS protocol. In order to achieve its goal, the proposed protocol relies on two levels of managers in order to distribute the computation required in case of a member join or leave. The proposed protocol is based on the idea of LKH protocols. To fasten the operations required in case of a member leave or join, the proposed protocol uses one-way functions as in CEKPS protocol. The proposed protocol is compared with LKH and CEKPS protocols. The comparison is undertaken according to two criteria: the cost of encryption required for the re-key operation in case of member join or leave and the length of the re-key message. The results show that the proposed protocol outperforms both LKH and CEKPS protocols.