• Journal of the Korea Society of Computer and Information
• /
• v.9 no.3
• /
• pp.177-182
• /
• 2004

The existing group key management architectures applied to a small scale routing protocols may have many overheads with key distribution. Therefore this paper proposes a group key management protocol in PIM-SM multicast group communication. This method divide multicast groups with RP, and subgroup key managers are established in each RP and can be transmitted groups keys. And this does not have needs of the data translation and the new key distribution for path change. This does not have needs of the data translation and the new key distribution for path change, so the data transmission time can be reduced.

• ETRI Journal
• /
• v.23 no.3
• /
• pp.111-120
• /
• 2001

For scalable multicast transport, one of the promising approaches is to employ a control tree known as acknowledgement (ACK) tree which can be used to convey information on reliability and session status from receivers to a root sender. The existing tree configuration has focused on a 'bottom-up' scheme in which ACK trees grow from leaf receivers toward a root sender. This paper proposes an alternative 'top-down' configuration where an ACK tree begins at the root sender and gradually expands by including non-tree nodes into the tree in a stepwise manner. The proposed scheme is simple and practical to implement along with multicast transport protocols. It is also employed as a tree configuration in the Enhanced Communications Transport Protocol, which has been standardized in the ITU-T and ISO/IEC JTC1. From experimental simulations, we see that the top-down scheme provides advantages over the existing bottom-up one in terms of the number of control messages required for tree configuration and the number of tree levels.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2001.10b
• /
• pp.855-858
• /
• 2001

통신 및 컴퓨터의 보급 발전을 통해 새로운 정보 사회의 패러다임이 정립되고 있다. 특히 유 무선 네트워크 상에서 그름 기반 통신 응용 서비스의 요구 증가는 더욱 빠르고 정확한 정보 통신의 한 축으로서 매우 중요한 의미를 부여받고 있다. 이러한 필요성에 따라 멀티캐스트 기반 구조에 대한 연구가 활발히 진행되고 있다. 그러나 유 무선 멀티캐스트 키 관리 구조에 대한 안전성과 효율성 및 확장성 부분에 대한 해결책은 아직 미비한 상태이다. 본 연구에서는 유선 및 무선에서 멀티캐스트 서비스 지원을 위해 필요한 요구 사항들을 고찰함과 동시에 안전성과 효율성 및 확장성을 제공하는 새로운 멀티캐스트 키 관리 기법을 제안한다.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.11
• /
• pp.115-124
• /
• 2013

In this paper, we suggest a secure data dissemination by Lightweight Individual Encryption Multicast scheme over wireless sensor networks using the individual encryption method with Forward Error Correction instead of the group key encryption method. In wireless sensor networks, a sink node disseminates multicast data to the number of sensor nodes to update the up to date software such as network re-programming and here the group key encryption method is the general approach to provide a secure transmission. This group key encryption approach involves re-key management to provide a strong secure content distribution, however it is complicated to provide group key management services in wireless sensor networks due to limited resources of computing, storage, and communication. Although it is possible to control an individual node, the cost problem about individual encryption comes up and the individual encryption method is difficult to apply in multicast data transmission on wireless sensor networks. Therefore we only use 0.16% of individually encrypted packets to securely transmit data with the unicast to every node and the rest 99.84% non-encrypted encoded packets is transmitted with the multicast for network performance.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10a
• /
• pp.837-840
• /
• 2000

For secure communications in using multicast applications such as Cable-TV, It is essential for us to manage shared keys to encrypt/decrypt data through crypto algorithm as DES, which is called Group Key Management. In GKM, It is a hot issue that reduces the number of join/leave operation and subgroup key in key tree model. In this paper, we propose optimized mechanism of group key management required for providing multicast security.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.935-949
• /
• 2016

In this paper, we present a novel authenticated group key distribution scheme for large and dynamic multicast groups without employing traditional symmetric and asymmetric cryptographic operations. The security of our scheme is mainly based on the basic theories for solving linear equations. In our scheme, a large group is divided into many subgroups, where each subgroup is managed by a subgroup key manager (SGKM) and a group key generation center (GKGC) further manages all SGKMs. The group key is generated by the GKGC and then propagated to all group members through the SGKMs, such that only authorized group members can recover the group key but unauthorized users cannot. In addition, all authorized group members can verify the authenticity of group keys by a public one-way function. The analysis results show that our scheme is secure and efficient, and especially it is very appropriate for secure multicast communications in large and dynamic client-server networks.

• The Journal of Korean Association of Computer Education
• /
• v.9 no.2
• /
• pp.111-124
• /
• 2006

Multicast services are provided on the Internet in fast increasing. Therefore it is important to keep security for multicast communication. If a member of the group is removed, new group key has to be generated and distributed to all remaining members of group. Minimizing number of messages and operation cost for generation of the composite keys to be used to encrypting group key are important evaluating criteria of multicast key management scheme since generation and distribution of new keys for rekeying require expensive operation. Periodic batch rekeying can reduce these important parameters rather than rekeying sequentially in fashion one after another. In this paper, Hamming distance is calculated between every members to be removed. In batch rekeying the members with Hamming distance less than threshold are selected for rekeying procedure. With running the round assignment algorithm in the case of removing several members simultaneously, our scheme has advantages of reducing messages and operation cost for generation of the composite keys and eliminating possibility of collusion attack for rekeying. We evaluate performance of round assignment algorithm through simulation and show that our scheme is excellent after performance comparison of existent schemes and our scheme.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.31-40
• /
• 2003

The current security issue for the Internet is focused on the security for user data. On the other hand, the research on the security for routing protocols is not so active, considering the importance of its role for the harmonious and accurate operation of the Internet. In this paper, we investigate the security problems of the link-state routing protocol which has been employed in the Internet, and suggest a new authentication mechanism for routing messages which complements and extends the previous ones. For this purpose, a concept of dual hash chains is newly introduced, which is provably secure, and we explain how to provide both the integrity and source authentication service for routing messages based on the session hash chains.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.625-634
• /
• 2003

More than a decade after its initial proposal, deployment of IP Multicast has been limited due to the problem of traffic control in multicast routing, multicast address allocation in global internet, reliable multicast transport techniques etc. Lately, according to increase of multicast application service such as internet broadcast, real time security information service etc., overlay multicast is developed as a new internet multicast technology. In this paper, we describe an overlay multicast protocol and propose fast join mechanism that considers switching of the tree. To find a potential parent, an existing search algorithm descends the tree from the root by one level at a time, and it causes long joining latency. Also, it is try to select the nearest node as a potential parent. However, it can't select the nearest node by the degree limit of the node. As a result, the generated tree has low efficiency. To reduce long joining latency and improve the efficiency of the tree, we propose searching two levels of the tree at a time. This method forwards joining request message to own children node. So, at ordinary times, there is no overhead to keep the tree. But the joining request came, the increasing number of searching messages will reduce a long joining latency. Also searching more nodes will be helpful to construct more efficient trees. In order to evaluate the performance of our fast join mechanism, we measure the metrics such as the search latency and the number of searched node and the number of switching by the number of members and degree limit. The simulation results show that the performance of our mechanism is superior to that of the existing mechanism.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10a
• /
• pp.821-824
• /
• 2000

통신 및 컴퓨터의 보급 발전을 통해 공개 네트워크 상에서 그룹에 기반한 통신 응용 서비스의 요구가 증가하고 있다. 이러한 필요성에 따라 멀티캐스트 기반 구조에 대한 연구가 활발히 진행되고 있다. 하지만 멀티캐스트 구조에 대한 안전성과 효율성 및 확장성 부분에 대한 해결책은 아직 미비한 상태이다. 본 연구에서는 기존의 대표적인 멀티캐스트 키 관리 구조를 고찰함과 동시에 안전성과 효율성 및 확장성을 분석한다. 이에 기초해 확장성을 제공하는 안전한 멀티캐스트 키 관리 구조를 제안하고 기존 방식과 비교 분석한다.