Journal of Computer Applications ›› 2018, Vol. 38 ›› Issue (5): 1372-1376.DOI: 10.11772/j.issn.1001-9081.2017102413

Previous Articles     Next Articles

Stateful group rekeying scheme with tunable collusion resistance

AO Li1, LIU Jing1, YAO Shaowen1, WU Nan2   

  1. 1. School of Software, Yunnan University, Kunming Yunnan 650500, China;
    2. School of Information Science and Engineering, Yunnan University, Kunming Yunnan 650500, China
  • Received:2017-10-12 Revised:2017-12-04 Online:2018-05-10 Published:2018-05-24
  • Contact: 刘璟
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (61363084), the Foundation for the 4th Batch of the Middle-aged and Youth Key Teachers of Yunnan University (XT412003), the Faculty Team Construction Foundation of Yunnan University (XT412001).

抗合谋攻击能力可调的有状态组密钥更新协议

敖丽1, 刘璟1, 姚绍文1, 武楠2   

  1. 1. 云南大学 软件学院, 昆明 650500;
    2. 云南大学 信息学院, 昆明 650500
  • 通讯作者: 刘璟
  • 作者简介:敖丽(1993-),女,云南曲靖人,硕士研究生,主要研究方向:信息安全、密码学;刘璟(1972-),男,四川绵阳人,副教授,博士,主要研究方向:信息安全、计算机网络安全、密码学;姚绍文(1966-),男,湖南永顺人,教授,博士生导师,博士,主要研究方向:信息安全、分布式计算;武楠(1989-),女,河南南阳人,硕士研究生,主要研究方向:信息安全、密码学。
  • 基金资助:
    国家自然科学基金资助项目(61363084);云南大学第四批中青年骨干教师基金资助项目(XT412003);云南大学师资队伍建设基金资助项目(XT412001)。

Abstract: Logical Key Hierarchy (LKH) protocol has been proved that O(log n) is the lower bound of the communication complexity when resisting complete collusion attacks. However, in some resource-constrained or commercial application environments, user still require the communication overhead below O(log n). Although Stateful Exclusive Complete Subtree (SECS) protocol has the characteristic of constant communication overhead, but it can only resist single-user attacks. Considering the willingness of users to sacrifice some security to reduce communication overhead, based on LKH which has the characteristic of strict confidentiality, and combined with SECS which has constant communication overhead, a Hybrid Stateful Exclusive Complete Subtree (H-SECS) was designed and implemented. The number of subgroups was configured by H-SECS according to the security level of application scenario to make an optimal tradeoff between communication overhead and collusion resistance ability. Theoretical analysis and simulation results show that, compared with LKH protocol and SECS protocol, the communication overhead of H-SECS can be regulated in the ranges between O(1) and O(log n).

Key words: stateful, group rekeying, Logical Key Hierarchy (LKH) protocol, collusion resistance

摘要: 逻辑密钥分层(LKH)协议已经被证明在抗完全合谋攻击时,它通信开销的下界是O(log n),但是在一些资源受限或者商业应用场景中,用户仍然要求通信开销低于O(log n)。虽然,有状态的完全排外子树(SECS)协议具有常量通信开销的特性,却只能抵抗单用户攻击。考虑用户愿意牺牲一定安全性来降低通信开销的情况,利用LKH协议的完全抗合谋攻击特性和SECS协议具有常量通信开销的优势,设计并实现了一种混合的组密钥更新协议(H-SECS)。H-SECS协议根据应用场景的安全级别来配置子组数目,在通信开销和抗合谋攻击能力之间作一个最优的权衡。理论分析及仿真实验表明,与LKH协议和SECS协议相比,H-SECS协议的通信开销可以在O(1)和O(log n)区间进行调控。

关键词: 有状态, 组密钥更新, 逻辑密钥分层协议, 抗合谋攻击

CLC Number: