Group communication is a suitable and effective communication model for large-scale distributed systems. To be fully exploitable, group communication must be protected. This is normally achieved by providing members with a group key which is revoked and redistributed upon every member's joining (backward security) or leaving (forward security). Such a rekeying process must be efficient and highly scalable. In this paper, we present HISS, a highly scalable group rekeying scheme that efficiently rekeys the group into two broadcast rekeying messages. HISS features two novel contributions. First, it exhibits a rekeying cost which is constant and independent of the group size, thus being highly scalable with the number of users. At the same time, memory occupancy and computational overhead are affordable on customary platforms. Second, HISS considers collusion as a first-class attack and recovers the group in such a way that it does not require a total group recovery. Efficiency of collusion recovery gracefully decreases with the attack severity. We prove the correctness of HISS, analytically evaluate its performance and argue that it is deployable on customary platforms. Finally, we show that it is possible to practically contrast or even prevent collusion attacks by properly allocating users to subgroups.
HISS: a HIghly Scalable Scheme for group rekeying
DINI, GIANLUCA;TILOCA, MARCO
2012-01-01
Abstract
Group communication is a suitable and effective communication model for large-scale distributed systems. To be fully exploitable, group communication must be protected. This is normally achieved by providing members with a group key which is revoked and redistributed upon every member's joining (backward security) or leaving (forward security). Such a rekeying process must be efficient and highly scalable. In this paper, we present HISS, a highly scalable group rekeying scheme that efficiently rekeys the group into two broadcast rekeying messages. HISS features two novel contributions. First, it exhibits a rekeying cost which is constant and independent of the group size, thus being highly scalable with the number of users. At the same time, memory occupancy and computational overhead are affordable on customary platforms. Second, HISS considers collusion as a first-class attack and recovers the group in such a way that it does not require a total group recovery. Efficiency of collusion recovery gracefully decreases with the attack severity. We prove the correctness of HISS, analytically evaluate its performance and argue that it is deployable on customary platforms. Finally, we show that it is possible to practically contrast or even prevent collusion attacks by properly allocating users to subgroups.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
