Browse > Article

A Bandwidth-Efficient Revocation Scheme for Stateless Receivers in Broadcasting Communication Environment  

Kim, Pyung (KAIST 전산학과)
Hur, Jun-Beom (KAIST 전산학과)
Yoon, Hyun-Soo (KAIST 전산학과)
Publication Information
Journal of KIISE:Information Networking / v.37, no.5, 2010 , pp. 327-338 More about this Journal
Abstract
Complete Subtree scheme(CS) is a well known broadcast encryption scheme to perform group rekeying in a stateless manner. However, statelessness comes at a cost in terms of storage and message overhead in transmitting key material. We propose a Merged Complete Subtree scheme(MCS) to reduce the communication overhead. It is more practical to make broadcast encryption schemes in network environments with limited bandwidth resources. We define all possible subset unions for ever two subsets of CS as new subsets having own key. The modification causes more storage overhead. Nevertheless, it is possible to make the size of a header, including key materials, half using subset unions of MCS, because the size of a header depends on the number of used subsets. Our evaluation therefore shows that the proposed scheme significantly improves the communication overhead of CS, reducing by half the rekey communication cost. The proposed scheme has the advantage of rekey communication cost when the number of revoked users is significant percentage of the number of potential users. The proposed scheme is fully collusion resistant.
Keywords
broadcast encryption; revocation scheme; group communication; stateless receiver;
Citations & Related Records
연도 인용수 순위
  • Reference
1 O. Goldreich, S. Goldwasser, S. Micali, "How to Construct Random Functions," Journal of the ACM, vol.33, no.4, pp.792-807, Oct 1986.   DOI   ScienceOn
2 M. Johansson, G. Kreitz, F. Lindholm, "Stateful Subset-Cover," ACNS 2006, LNCS, vol.3989, pp. 178-193, 2006.
3 W. Chen, Z. Ge, C. Zhang, J. Kurose, D. Towsley, "On Dynamic Subset Difference Revocation scheme," NETWORKING 2004, LNCS vol.3042, pp.743-758, 2004.
4 M. J. Mihaljevic, "Broadcast Encryption Schemes Based on the Sectioned Key Tree," ICICS 2003, LNCS, vol.2836, pp.158-169, 2003.
5 C. K. Wong, M. G. Gouda, S. S. Lam, "Secure Group Communications Using Key Graphs," ACM SIGCOMM, pp.68-79, 1998. (in Canada)
6 D.A. McGrew, A.T. Sherman, "Key Establishment in Large Dynamic Groups Using One-Way Function Trees," Technical Report No. 0755, TIS Labs at Network Associates, Inc., Glenwood, MD (1998).
7 D. Naor, M. Noar, J. Lotspiech, "Revocation and tracing schemes for stateless receivers," CRYPTO 2001, LNCS, vol.2139, pp.41-62, 2001.
8 A. Fiat, M. Naor, "Broadcast encryption," Advances in Cryptology - CRYPTO'93, LNCS, vol.773, pp.480-491, 1994.
9 R. Nojima, Y. Kaji, "Secure, Efficient and Practical Key Management scheme in the Complete-Subtree method," IEICE TRANS. FUNDAMENTALS, vol.E88-A, no.1, 2005.
10 D. Halevy, A. Shamir, "The LSD broadcast encryption scheme," CRYPTO'02, LNCS, vol.2442, pp.47-60, 2002.
11 T. Asano, "A revocation scheme with minimal storage at receivers," ASIACRYPT'02, LNCS vol.2501, pp.433-450, 2002.