HySOR: group key management with collusion-scalability tradeoffs using a hybrid structuring of receivers

One problem in securing group communication is the scalability of group key management in dynamic multicast sessions. The main challenge arises when a member leaves the multicast session and a rekeying of the group is required to prevent the departing member from accessing the information being multicast after they leave. Recent research developed the logical key hierarchy (LKH) protocol which uses a tree structuring of receivers and requires O(log(n)) rekeying messages when a member leaves. It has also been demonstrated that /spl Omega/(log(n)) is the best one can achieve if strict confidentiality and non-collusion are required. While strict non-collusion is required for some highly sensitive data, we argue that some commercial content delivery applications will be extremely cost sensitive and willing to tolerate some small level of collusion. In this paper we consider the question of how one might trade off the message cost of rekeying with some increased vulnerability to collusion. We consider a range of protocols. In one extreme is LKH which is completely immune from collusion. On the other extreme is a protocol based on the linear ordering of receivers (LORE), which requires O(1) messages for rekeying but in which any two receivers can collude. We describe a scheme using a hybrid structuring of receivers (HySOR) which is tunable between the LKH and LORE extremes and by which one can trade off some vulnerability to collusion for a decrease in rekeying message cost. We provide analytical as wen as simulation results to investigate the performance of HySOR and its tunability along the collusion/scalability spectrum.