對於動態的群組而言，群組成員可以在任意的時刻選擇加入或離開這個群組，為了確保只有合法的群組成員才能持續不斷地接收並解讀群組通訊的內容，利用密碼學將通訊內容加密提供了相關的需求，加密用的群組金鑰成了提供安全性的關鍵，而面對一個動態的群組，群組金鑰也需要動態的做更新，因此需要一個有效率的金鑰管理機制來處理相關問題。

在這篇論文中，我們提出了一個應用於安全群組通訊的適應性群播金鑰管理機制 (adaptive multicast key management scheme)，並且設計了一種新的邏輯樹結構金鑰管理機制，我們稱這種邏輯樹結構為標準樹 (canonical tree)，標準樹的設計理念結合了週期性金鑰更新 (periodic rekey) 以及平衡樹 (balanced tree) 架構，利用群播 (multicast) 技術配合群組導向 (group-oriented) 的訊息發送方式來更新群組金鑰。

在許多文獻中，星結構 (star-based) 和邏輯樹結構 (tree-based) 廣泛的被應用於金鑰管理機制上，在這篇論文中，我們對於以標準樹為基礎的金鑰管理機制以及其他兩種著名的金鑰管理機制做了效能上的評估與比較。此外，我們發現群組成員離開的機率與速率主導著星結構和邏輯樹結構在金鑰更新花費上效能的差異，基於以上的觀點，相較於單純使用以星結構或是邏輯樹結構為基礎的金鑰管理機制，在動態的環境之下我們建議使用結合星結構與邏輯樹結構的適應性金鑰管理機制來獲得更佳的效能。

In this thesis, we propose an adaptive multicast key management scheme for secure group communications. In a secure communication session, group members could dynamically join and leave the group. Therefore, a multicast key management scheme is required to ensure that only legitimate users will continue to receive the latest information. In the literature, star-based key management schemes and tree-based key management schemes were proposed for secure group communications. In this thesis, we propose a novel canonical-tree-based key management scheme. We evaluate the average rekeying costs of the canonical-tree-based scheme as well as two well-known key management schemes. We find that the leaving probability of group members dominates the relative performance between the star-based scheme and the tree-based scheme. Based on the above observations, we propose an adaptive key management scheme that is superior to both the star-based scheme and the tree-based scheme in a dynamic environment.

誌謝 .................................................... i
中 文 摘 要 ............................................ ii
Abstract .............................................. iii
目 錄 .................................................. iv
圖 索 引 ............................................... vi
表 索 引 ............................................... ix

第一章 序論 ........................................... 1
1.1 研究背景與動機 ................................. 1
1.2 論文架構 ....................................... 3
第二章 金鑰管理系統架構 ............................... 4
2.1 群播技術 ....................................... 4
2.2 星結構 (star-based) 金鑰管理機制 ............... 5
2.2.1 新成員加入 ..................................... 6
2.2.2 舊成員離開 ..................................... 6
2.3 邏輯樹結構 (tree-based) 金鑰管理機制 ........... 7
2.3.1 新成員加入 ..................................... 9
2.3.2 舊成員離開 ..................................... 9
2.4 週期性金鑰更新、整批金鑰更新 .................. 10
2.5 平衡樹 ........................................ 11
2.6 使用者機率模型 ................................ 11
2.6.1 不連續時間馬可夫鏈 (DTMC) ..................... 11
2.6.2 連續時間馬可夫鏈 (CTMC) ....................... 13
2.7 適應性的金鑰管理機制 .......................... 15
第三章 標準樹結構 .................................... 17
3.1 參數和名詞的定義 .............................. 20
3.2 參數的計算 .................................... 22
3.3 重建標準樹的操作流程 .......................... 23
3.4 實例說明 ...................................... 26
3.4.1 J = L的情況 ................................... 26
3.4.2 J > L的情況 ................................... 30
3.4.3 J < L 的情況 .................................. 36
第四章 標準樹的評估與分析 ............................ 42
4.1 效能分析 ...................................... 42
4.2 計算複雜度 .................................... 43
第五章 模擬結果與討論 ................................ 45
第六章 結論 .......................................... 60
參考文獻 ............................................... 62

[1] Suman Banerjee and Bobby Bhattacharjee, “Scalable Secure Group Communication over IP Multicast,” IEEE Journal on Selected Areas in Communications, Vol. 20, No. 8, October 2002, p. 1511-1527.

[2] Ran Canetti, Juan Garay, Gene Itkis, Daniele Micciancio, Moni Naor, and Benny Pinkas, “Multicast Security: A Taxonomy and Some Efficient Constructions,” IEEE INFOCOM 1999, p. 708-716.

[3] Isabella Chang, Robert Engel, Dilip Kandlur, Dimitrios Pendarakis, and Debanjan Saha, “Key Management for Secure Internet Multicast using Boolean Function Minimization Techniques,” IEEE INFOCOM 1999, p. 689-698.

[4] Gary Chartrand and Ortrud R. Oellermann, Applied and Algorithm Graph Theory, 1993, The McGraw-Hill Companies, Inc.

[5] Li Gong and Nachum Shacham, “Multicast Security and its extension to a mobile environment,” ACM/Kluwer Wireless Networks, Vol. 1, No. 3, 1995, p. 281-295.

[6] Li Gong, “Enclaves: Enabling Secure Collaboration Over the Internet,” IEEE Journal on Selected Areas in Communications, Vol. 15, No. 3, April 1997, p. 567-575.

[7] Yu-Lun Huang, Shiuhpyng Shieh, Fu-Shen Ho, and Jian-Chyuan Wang, “Efficient Key Distribution Schemes for Secure Media Delivery in Pay-TV Systems,” IEEE Transcations on Multimedia, Vol. 6, No. 5, October 2004, p. 760-769.

[8] Paul Judge and Mostafa Ammar, “Gothic: A Group Access Control Architecture for Secure Multicast and Anycast,” IEEE INFOCOM 2002, p. 1547-1556.



[9] Yongdae Kim, Adrian Perrig, and Gene Tsudik, “Group Key Agreement Efficient in Communication,” IEEE Transcations on Computers, Vol. 53, No. 7, July 2004, p. 905-921.

[10] Xiaozhou Steve Li, Yang Richard Yang, Mohamed G. Gouda, and Simon S. Lam, “Batch Rekeying for Secure Group Communications,” ACM SIGCOMM 2001, p. 525-534.

[11] Suvo Mittra, “Iolus: A Framework for Scalable Secure Multicasting,” ACM SIGCOMM 1997, p. 277-288.

[12] Yinian Mao, Yan Sun, Min Wu, and K. J. Ray Liu, “Dynamic Join-Exit Amortization and Scheduling for Time-Efficient Group Key Agreement,” IEEE INFOCOM 2004, p. 2617-2627.

[13] M. J. Moyer, J. R. Rao, and P. Rohatgi, “Maintaining Balanced Key Trees for Secure Multicast,” INTERNET-DRAFT, June 1999.

[14] Radha Poovendran, and John S. Baras, “An Information-Theoretic Approach for Design and Analysis of Rooted-Tree-Based Multicast Key Management Schemes,” IEEE Transcations on Information Theory, Vol. 47, No. 7, Novenber 2001, p. 2824-2834.

[15] Yan Sun and K. J. Ray Liu, “Scalable Hierarchical Access Control in Secure Group Communications,” IEEE INFOCOM 2004, p. 1296-1306.

[16] Yan Sun, Wade Trappe, and K.J. Ray Liu, “A Scalable Multicast Key Management Scheme for Heterogenous Wireless Networks,” IEEE/ACM Transcations on Networking, Vol. 12, No. 4, August 2004, p. 653-666.

[17] Alan T. Sherman and David A. McGrew, “Key Establishment in Large Dynamic Groups Using One-Way Function Trees,” IEEE Transcations on Software Engineering, Vol. 29, No. 5, May 2003, p. 444-458.

[18] Sanjeev Setia, Samir Koussih, Sushil Jajodia, and Eric Harder, “Kronos: A Scalable Group Re-Keying Approach for Secure Multicast,” IEEE Symposium on Security & Privacy 2000, p. 215-228.

[19] Jack Snoeyink, Subhash Suri, and George Varghese, “A Lower Bound for Multicast Key Distribution,” IEEE INFOCOM 2001, p. 422-431.

[20] Wade Trappe, Yuke Wang, and K. J. Ray Liu, “Resource-Aware Conference Key Establishment for Heterogeneous Networks,” IEEE/ACM Transcations on Networking, Vol. 13, No. 1, February 2005, p. 134-146.

[21] Wade Trappe, Jie Song, Radha Poovendran, and K. J. Ray Liu, “Key Management and Distribution for Secure Multimedia Multicast,” IEEE Transcations on Multimedia, Vol. 5, No. 4, December 2003, p. 544-557.

[22] Chung Kei Wong and Simon S. Lam, “Digital Signatures for Flows and Multicasts,” IEEE/ACM Transactions on Networking, Vol. 7, No. 4, August 1999, p. 513-520.

[23] Chung Kei Wong, Mohamed Gouda, and Simon S. Lam, “Secure Group Communications Using Key Graphs,” IEEE/ACM Transcations on Networking, Vol. 8, No. 1, February 2000, p. 16-30.

[24] Marcel Waldvogel, Germano Caronni, Dan Sun, Nathalie Weiler, and Bernhard Plattner, “The VersaKey Framework: Versatile Group Key Management,” IEEE Journal on Selected Areas in Communications, Vol. 17, No. 9, September 1999, p. 1614-1631.

[25] X. Brian Zhang, Simon S. Lam, Dong-Young Lee, and Y. Richard Yang, “Protocol Design for Scalable and Reliable Group Rekeying,” IEEE/ACM Transcations on Networking, Vol. 11, No. 6, December 2003, p. 908-922.