METHOD OF MANAGING GROUP KEY FOR SECURE MULTICAST COMMUNICATION

US 20110249817A1
Filed: 05/13/2009
Published: 10/13/2011
Est. Priority Date: 12/10/2008
Status: Abandoned Application

First Claim

Patent Images

1. A group key management method for secure multicast communication, comprising:

creating a tree having a root node, internal nodes and leaf nodes to manage group keys of a receiver group by a group key management server;

generating user keys of all nodes excluding the root node in the tree on the basis of Chinese Remainder Theorem;

assigning the leaf nodes of the tree to users of the receiver group;

sending a set of keys of the leaf nodes to the corresponding users for group key management;

generating group keys of all non-leaf nodes;

computing a solution of congruence equations based on the user keys and group keys by using Chinese Remainder Theorem for each non-leaf node; and

multicasting a group key update message to each user of the respective leaf nodes.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A group key management method for secure multicast communication includes: creating a tree having a root node, internal nodes and leaf nodes to manage group keys of a receiver group by a group key management server; generating user keys of all nodes excluding the root node in the tree on the basis of Chinese Remainder Theorem; assigning the leaf nodes of the tree to users of the receiver group; and sending the user keys of the leaf nodes to the corresponding users for group key management. Further, the group key management method for secure multicast communication includes generating group keys of all non-leaf nodes; computing a solution of congruence equations based on the user key and group key by using Chinese Remainder Theorem for each non-leaf node; and multicasting a group key update message to each user of the respective leaf nodes.

Citations

17 Claims

1. A group key management method for secure multicast communication, comprising:
- creating a tree having a root node, internal nodes and leaf nodes to manage group keys of a receiver group by a group key management server;
  
  generating user keys of all nodes excluding the root node in the tree on the basis of Chinese Remainder Theorem;
  
  assigning the leaf nodes of the tree to users of the receiver group;
  
  sending a set of keys of the leaf nodes to the corresponding users for group key management;
  
  generating group keys of all non-leaf nodes;
  
  computing a solution of congruence equations based on the user keys and group keys by using Chinese Remainder Theorem for each non-leaf node; and
  
  multicasting a group key update message to each user of the respective leaf nodes.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The group key management method of claim 1, wherein each user of the receiver group receives a corresponding group key update message and computes a group key by using data contained in the group key update message and its own user key.
  - 3. The group key management method of claim 1, wherein said computing a solution of congruence equations comprises:
    - selecting a non-leaf node that is at one level higher than leaf nodes on the tree and does not have an already computed solution related to Chinese Remainder Theorem; and
      
      computing a solution of congruence equations based on a group key of the selected non-leaf node and user keys of child nodes of the selected non-leaf node using Chinese Remainder Theorem.
  - 4. The group key management method of claim 3, wherein computing a solution of congruence equations is repeated until all non-leaf nodes on the tree have a solution of congruence equations related to Chinese Remainder Theorem.
  - 5. The group key management method of claim 1, wherein multicasting a group key update message comprises:
    - selecting a non-leaf node of the tree for which a group key update message is not yet multicast; and
      
      multicasting the solution related to Chinese Remainder Theorem computed for the selected non-leaf node.
  - 6. The group key management method of claim 5, wherein multicasting a group key update message is repeated until all non-leaf nodes on the tree are handled in relation to solution multicasting.
  - 7. The group key management method of claim 1, wherein the tree divides many users of the receiver group into subgroups with several tens of members.
  - 8. The group key management method of claim 1, wherein the group key update message comprises a group ID to identify a receiver group, a node ID assigned to a node, and a solution of congruence equations related to Chinese Remainder Theorem for the node.

9. A group key management method for secure multicast communication having a procedure of group key update when a new user joins in a receiver group, the method comprising:
- adding a leaf node to a tree for a new user in a receiver group by a group key management server;
  
  creating a user key for the new user and a new group key;
  
  sending the created user key and new group key to the new user; and
  
  encrypting the new group key with the current group key and multicasting the encrypted new group key.
- View Dependent Claims (10)
- - 10. The group key management method of claim 9, wherein existing users of the receiver group decrypt the multicast new group key with the current group key to thereby recover the new group key.

11. A group key management method for secure multicast communication having a procedure of group key update when a user leaves from a receiver group, the method comprising:
- finding a leaf node assigned to the user left from the receiver group in a tree by a group key management server;
  
  selecting the parent node of the found leaf node, and generating a new group key for the parent node;
  
  computing a solution of congruence equations for the parent node on the basis of Chinese Remainder Theorem; and
  
  multicasting a group key update message related to the new group key.
- View Dependent Claims (12)
- - 12. The group key management method of claim 11, wherein the group key management server repeats generation and multicasting of a new group key for an ancestor node of the parent node in a bottom-up fashion until the ancestor node is the root node of the tree.

13. A group key management method for practical secure multicast communication, comprising:
- determining the number of child nodes that a particular node is allowed to have in a receiver group by a group key management server;
  
  creating a tree according to the determined number of child nodes;
  
  generating user keys of all nodes other than the root node in the tree on the basis of Chinese Remainder Theorem;
  
  assigning leaf nodes to users of the receiver group in a one-to-one manner;
  
  generating group keys for non-leaf nodes in the tree;
  
  computing fixed and changeable data values for each node in the tree;
  
  computing, using fixed and changeable data values of each node in the tree, a solution of congruence equations related to Chinese Remainder Theorem; and
  
  storing the fixed and changeable data values.

14. A group key management method for practical secure multicast communication having a procedure of group key update when a user joins a receiver group, the method comprising:
- creating a new group key for the new user in a receiver group by a group key management server;
  
  finding a leaf node of a tree not assigned to a user and assigning the found leaf node to the new user;
  
  computing and storing a changeable data value for the leaf node;
  
  sending user key information and the new group key to the new user; and
  
  encrypting the new group key with the current group key and multicasting the encrypted new group key.
- View Dependent Claims (15)
- - 15. The group key management method of claim 14, wherein existing users of the receiver group decrypt the multicast new group key with the current group key to thereby recover the new group key.

16. A group key management method for practical secure multicast communication having a procedure of group key update when a user leaves from a receiver group, the method comprising:
- finding a leaf node assigned to the left user in a tree of the receiver group by a group key management server;
  
  setting a changeable data value of the leaf node to any other value and storing the changeable data value;
  
  selecting a parent node of the leaf node and generating a new group key for the parent node;
  
  computing and storing a changeable data value for the parent node;
  
  computing a solution of congruence equations related to Chinese Remainder Theorem on the basis of the stored fixed data value and changeable data value of the parent node; and
  
  multicasting a group key update message containing the new group key.
- View Dependent Claims (17)
- - 17. The group key management method of claim 16, wherein the group key management server repeats generation and multicasting of a new group key for an ancestor node of the parent node in a bottom-up fashion until the ancestor node is the root node of the tree.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Electronics and Telecommunications Research Institute
Original Assignee
Electronics and Telecommunications Research Institute
Inventors
Kim, Jung Hyun, Park, Jee Hyun, Jeong, Yeon Jeong, Lee, Jung Soo, Yoon, Kisong, Nam, Do-Won

Application Number

US13/133,920
Publication Number

US 20110249817A1
Time in Patent Office

Days
Field of Search
US Class Current

380/281
CPC Class Codes

H04L 12/185   with management of multicas...

H04L 63/065   for group communications cr...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0836   using tree structure or hie...

H04L 9/0891   Revocation or update of sec...

METHOD OF MANAGING GROUP KEY FOR SECURE MULTICAST COMMUNICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD OF MANAGING GROUP KEY FOR SECURE MULTICAST COMMUNICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links