安全的分散式多播密钥管理方案

为解决集中式多播密钥管理方案中服务器端的可靠性、安全性和可用性问题,提出了一种新的安全分散式多播的密钥管理方案.基于分散式控制和门限秘密共享的思想,将单个密钥服务器扩展为具有(t,m)门限控制结构的服务器组.多播组密钥的产生、分发和更新由多个服务器结点协作完成.提供了确保服务器成员只知道组密钥的影子密钥而不知道所产生的组密钥的安全机制,这种机制使得某些服务器成员被攻击导致信息泄漏也不会影响系统安全.此外,分散式管理结构和门限控制机制可有效避免单点失效和性能瓶颈问题,还可提高了密钥服务器的可靠性和抗毁性能.

Secure decentralized multicast key management scheme

To so lve the pro blems of reliability , security and availability in the server o f cent ralized schemes, this paper put forw ard a new secure decent ralized mult icast key management scheme. Based on the decentr alized management and threshold secret sharing contr ol, the scheme replaces the sing le key server by a g roup o f key servers w ith the structure of ( t, m) thresho ld. T he key serv ers gro up is responsible for the generat ion, distr ibution and update of the mult icast g roup keys. The scheme also prov ides a secure mechanism that ensures ever y server to know only it s shadow key s of the group keys instead of the gr oup keys, so the system is secure even if informat io n leakage occurs in some key serv ers w hen at tacked. In addit ion, the decent ralized st ructure and threshold cont ro l can solv e the sing le-point failure and bot tleneck pro blem, and lead to hig h reliability and survivability .