【作者】 陈璟；

【导师】 杨波；

【作者基本信息】 西安电子科技大学 ， 密码学， 2004， 硕士

【摘要】 多播是当前Internet上许多应用的基础，因此多播成为当前研究的一个热点问题。安全是多播研究中急需解决的问题。本文对多播安全中认证和组密钥管理这两个关键问题进行了研究。 多播的安全需求主要有接入控制、认证、多播数据传输的保密性等。认证是多播应用的瓶颈问题。由于多播具有参与者多，使用UDP协议等特点，因此应用于单播通信中的许多成熟的认证方案不能直接应用于多播通信中。文章在对目前的多播认证方案分析的基础上，提出了两个多播数据包认证方案，分析表明，这两个方案在抗丢包能力，通信代价、计算代价等方面都获得较好的性能，适用于两种不同的多播环境。 多播数据传输的保密性是通过所有多播组成员共享一个组密钥，组内通信通过组密钥加密实现的。如何安全地分发、管理、更新这个组密钥是多播安全中最核心的问题。本文对目前的多播组密钥管理方案进行了介绍，分析了各个方案的优缺点。本文重点分析了OFT方案的安全性，指出了OFT方案在实现前向安全和后向安全上存在的漏洞，并提出了改进方案。更多还原

【Abstract】 As the basis of many current Internet applications, multicast has become a hottest research topic now. Because of the importance and urgency of security to multicast, this thesis investigates two key issues, i.e. authentication and group key management, of multicast security.Multicast security contains access control, authentication, confidence of multicast data transmission and etc. Among these, authentication is the bottleneck. Because of its inherent characteristics, such as multi-participant, using UDP as protocols, many efficient authentication schemes in unicast communication cannot be applied into multicast communications directly. Based on the analysis of available multicast authentication schemes, two multicast packet authentication schemes are presented. It is shown that these two schemes have advantages in resisting packet-loss, communication overhead, computation complexity etc, and thus they are suitable for multicast environment.Multicast confidential is realized by sharing a group key and encrypting communication data by the group key. How to distribute, manage and update this key is key of multicast security. This thesis introduces available multicast group key management schemes and analyzes their advantages and disadvantages. The security of OFT scheme is the emphasis. The vulnerabilities of OFT scheme in forward and backward security are unveiled and some improvements are given.更多还原