Research of Group Key Management Protocol in Secure Multicast

【Author】 Liu Guangwei (刘广伟)

【Advisor】 Zhang Bin (张斌)

【Author information】 Northeastern University (东北大学), Computer Application Technology, 2010, PhD

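【Abstract (translated from the Chinese)】 With the development of network technology, multicast has come into ever wider use, for example in video conferencing, financial market data and distance learning. Group key management is the key to solving the multicast security problem, so designing an efficient, low-cost secure key management protocol is the core problem of current secure multicast research. According to how keys are generated, multicast key management protocols fall mainly into two types, centralized and distributed. This thesis analyses and studies both types of group key management protocol in depth. In the research on centralized group key management protocols, it proposes a cost analysis model for multicast logical key trees based on hierarchical data processing (HDP), a complete-tree key management algorithm based on the idea of subtree moving, and the TOFT key management protocol based on the threshold idea. In the research on distributed key management protocols, it introduces bilinear pairing into distributed multicast key management, proposes the DSTR distributed group key generation algorithm, and designs a bilinear pairing-based STR group key management protocol; to provide protocol authentication, it introduces a certificate mechanism into distributed group key management and proposes a distributed group key management protocol based on bilinear pairing and certificates. Finally, it studies the fault tolerance of multicast protocols and, by introducing a failure detector and a password authentication mechanism, proposes a fault-tolerant secure multicast key management protocol (Fault Tolerant and Secure Protocol, the FTS protocol). The main research results of this thesis are as follows:

(1) Through analysis and study of multicast logical key trees, a systematic definition and description of the directed logical key tree is given. Applying HDP, a cost analysis model for centralized multicast key management based on logical key trees is proposed in theory, and the model is used for a theoretical cost analysis of m-ary logical key trees. Building on the theoretical results of HDP, a new complete-tree multicast key management algorithm based on the idea of subtree moving is constructed. The algorithm uses a 4-ary complete tree as the logical management and storage structure of the key tree and rebuilds the complete tree by subtree moving, which reduces the extra cost paid to keep the tree balanced. The algorithm is therefore simple to implement, has low cost overhead, and suits multicast groups that are large and whose membership changes frequently.

(2) The essential connection between threshold secret sharing theory and multicast key management is studied and discussed, and, based on the threshold cryptographic mechanism, a new centralized TOFT key management protocol is proposed. The TOFT protocol introduces the threshold cryptosystem and adopts the performance-optimal quad-tree structure, improving the overall performance of the key management system. The thesis gives the principle of the TOFT protocol and its key generation and key update processes, and, taking communication cost, computation cost, storage cost and security as the four metrics of protocol performance, compares and analyses TOFT against other multicast key management protocols. The comparison and analysis show that the protocol is superior to other protocols of the same kind.

(3) Based on the bilinear pairing cryptosystem, a new distributed multicast key generation algorithm and agreement protocol are proposed, namely the DSTR-based group key generation algorithm and the bilinear pairing-based STR group key agreement protocol (the PSTR protocol). Because the DSTR key tree structure is used to compute the blinded keys of the nodes relevant to group members, the DSTR group key generation algorithm has low cost overhead. A security analysis of DSTR proves that it is computationally secure. To address the problem that the STR group key management protocol provides no key authentication and cannot resist active attacks, the bilinear pairing cryptosystem and a ternary key tree are introduced to implement group key management, and the PSTR protocol is proposed, comprising the key generation process and its 6 sub-protocols. A security analysis of the PSTR protocol proves that it is computationally secure. The performance of the PSTR and STR protocols is analysed and compared, and the results show that PSTR is better than STR in communication cost, computation cost and storage cost.

(4) Distributed multicast key management protocols are studied further, and the certificate-based CBPSTR (Certificate-owned and Bilinear Pairing-based STR) protocol is proposed. The protocol adopts a special ternary key tree structure, combines the STR and TGDH protocols, and introduces certificates and the bilinear pairing cryptosystem. The CBPSTR protocol comprises 6 sub-protocols: group setup, member join, member leave, group merge, group partition and group key refresh. Security analysis shows that the CBPSTR protocol is computationally secure. Compared with the STR and TGDH protocols, CBPSTR has lower computation and communication cost. Because it provides authentication between members, CBPSTR can resist man-in-the-middle attacks, key-compromise impersonation attacks and unknown key-share attacks, and is an authenticated, efficient distributed group key management protocol.

(5) The fault tolerance of multicast key management protocols is studied. By introducing a failure detector and a password authentication mechanism, the fault-tolerant FTS multicast key management protocol is proposed. FTS uses a failure detector to monitor members dynamically, which ensures that the protocol is independent of member location and member state. In addition, the server shares a unique password with each member, which is used to encrypt and decrypt the messages that members send; at the same time, the server updates message contents through cryptographic operations, which effectively resists man-in-the-middle attacks. The FTS protocol is analysed theoretically and through an instantiated cost analysis in terms of security, communication cost, computation cost and storage cost, and is compared with FTKM, a multicast key management protocol that is likewise fault-tolerant. The results show that FTS, at a slight sacrifice in computation cost, greatly reduces storage cost, has good fault tolerance, guarantees the security of the protocol, and improves overall performance.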

【Abstract】 With the development of network technology, multicast technology has been applied widely, for example in video conferencing, financial market data and distance learning. Multicast key management is the crux of solving the security problems in multicast, and is therefore very important for multicast security. Designing an efficient and secure key management protocol is thus a crucial question in the field of secure multicast research. In general, group key management protocols can be divided into two types, centralized and distributed, according to their key generation methods. This thesis makes an in-depth study of group key management protocols (centralized and distributed) in secure multicast. In the research on centralized group key management protocols, a cost analysis model of the multicast logical key tree based on hierarchical data processing (HDP), a complete-tree key management algorithm based on subtree moving, and the TOFT key management protocol based on the threshold-key mechanism are proposed. In the research on distributed group key management protocols, by introducing the bilinear pairing cryptosystem, a distributed group key generation algorithm based on DSTR is proposed. The bilinear pairing-based STR (PSTR) protocol is also given. To provide authentication, this thesis introduces a certificate mechanism and a bilinear pairing function on elliptic curves, and proposes a new distributed group key management protocol based on the certificate mechanism and bilinear pairing. Finally, in the research on the fault tolerance of multicast key management protocols, by introducing the fault-tolerant algorithm and the password authentication mechanism, a fault-tolerant and secure multicast key management protocol (FTS, for short) is also proposed. The main research results are as follows:

(1) Through research on and analysis of the multicast logical key tree, the concept and a systematic definition of the directed logical key tree are given in theory. This thesis applies HDP to give a cost analysis model of multicast key management based on the logical key tree, with which the m-ary logical key tree is also analyzed theoretically. Combined with the theoretical analysis results of HDP, a new multicast key management algorithm based on the complete quad tree is proposed. The algorithm takes the complete quad tree as the logical structure that manages and stores the keys of a logical key tree, and uses the subtree moving method to rebuild the complete tree, so the extra cost caused by tree balancing can be reduced. The algorithm is therefore applicable to situations where the group size is enormous and group membership changes frequently.

(2) The essential connection between threshold secret sharing theory and multicast key management is analyzed. A new threshold-based one-way function tree (TOFT) protocol based on threshold cryptography is proposed. The quad-tree structure and the threshold-key mechanism are used in the TOFT protocol, which improves the performance of the key management system. The design principle of TOFT and its realization protocols, including key generation and distribution and dynamic membership management, are given in the thesis. In addition, we evaluate TOFT against other proposed protocols from the following four aspects: computation cost, storage requirements, communication cost and security. Finally, we conclude that the TOFT protocol is more efficient than the others.

(3) Based on the bilinear pairing cryptosystem, a new group key generation algorithm based on DSTR and a bilinear pairing-based STR multicast key agreement protocol are proposed. By using the DSTR logical key tree to obtain an efficient algorithm for computing the blinded keys of the nodes relevant to the group members, the DSTR group key generation algorithm achieves high efficiency. The security of DSTR is also proved. In terms of security, however, STR cannot resist active attacks because it does not provide key authentication. By introducing the bilinear pairing cryptosystem and the 3-ary key tree, an improved STR protocol called PSTR (Bilinear Pairing-based STR) is proposed. This protocol includes the key generation process and six basic sub-protocols. By proving the bilinear form of the PSTR key tree, the computational security of PSTR is proved. Finally, we compare PSTR with STR through performance analysis, and the results show that PSTR is more efficient than STR in communication cost, computation cost and storage requirements.

(4) In further research on distributed group key management protocols, building on STR and TGDH, this thesis introduces a certificate mechanism and a bilinear pairing function on elliptic curves together with the ternary tree, and proposes a novel multicast key management scheme, CBPSTR. The protocol includes the key generation process and six basic sub-protocols (Setup protocol, Join protocol, Leave protocol, Merge protocol, Partition protocol and Refresh protocol). The security analysis shows that CBPSTR is computationally secure. Finally, CBPSTR is compared with STR and TGDH, and the results show that CBPSTR has communication cost as low as STR and computing cost as low as TGDH. Moreover, CBPSTR can effectively resist man-in-the-middle, key-compromise impersonation and unknown key-share attacks. CBPSTR is therefore a novel, authenticated and efficient distributed key management protocol.

(5) In the research on the fault tolerance of multicast key management, this thesis proposes a fault-tolerant and secure multicast key management protocol (FTS, for short) using the fault-tolerant algorithm and the password authentication mechanism. A failure detector is used to test the members dynamically, which ensures that FTS is independent of the location and the status of group members. In addition, each member shares a unique password with the server, which is used to encrypt and decrypt the messages in FTS, and cryptographic arithmetic updates the messages among members, which can effectively prevent insider attacks. Finally, to compare multicast key management protocols, communication cost, computation cost, memory cost and security are taken as the performance criteria. Through theoretical and instantiation analysis, we compare the FTS protocol with FTKM from these four aspects. FTS slightly increases the computation cost, but greatly reduces the storage cost. In conclusion, FTS enhances overall performance and is a fault-tolerant and secure protocol without a single-point bottleneck.

  • 【Online publication contributor】 Northeastern University
  • 【Online publication year and issue】 2010, Issue 08