Key management protocol
Abstract
A key distribution server maintains a tree of nodes. Members of a group who are allowed access to information are associated with respective leaf nodes of the tree. The information is encrypted with a key comprising a join key field and a leave field, and these are associated with the root node of the tree. The join key is updated each time a member joins the group, and the leave field is updated each time a member leaves. Further respective leave keys are associated with the other nodes of the tree. The leave keys of the tree are related so that a member knowing the leave key of its node can work out the leave key of the root node and hence decrypt the information. The key distribution server transmits offset messages to the members to allow them to calculate the root node leave key. The system of offset messages reduces the amount of communication required between the key distribution server and the group members.
Claims
1. A method of managing keys in a key distribution system for a communications group, the key distribution system maintaining a tree of nodes including at least one leaf node that has a parent node, each node of the group being associated with a first key, the method comprising:
- updating the first keys of a first branch of nodes in the tree by allocating new first keys to each of the nodes in the branch;
- determining an offset representing a distance between two chains of one-way functions, for generating the updated first key of each node in the branch from a key of a previous node in the branch; and
- broadcasting each of said offsets in an unencrypted form so that, given the updated first key associated with the first node of said branch, each updated first key of said branch of nodes can be calculated.
Dependent claims 2 to 21 (not reproduced here) depend on claim 1.
22. A key distribution system for a communications group, the key distribution system comprising:
- a distribution server including means for maintaining a tree of nodes including at least one leaf node that has a parent node, each node being associated with a first key; wherein the first key of each parent node in the tree is derived from the first key of each of its child nodes by two one-way functions and a mixing function, the mixing function including an offset value representing a distance between two chains of one-way functions, as a parameter which is broadcast in an unencrypted form.
Dependent claims 23 to 37 (not reproduced here) depend on claim 22.
38. A key distribution system for a communications group, the key distribution system comprising:
- an encryption key distribution server including means for maintaining a tree of nodes including a root node that has at least one child node, and at least one leaf node that has a parent node, the distribution server including means for servicing a communication group comprising at least one member client device, wherein a served encryption key defined in a server memory device comprises a join field and a leave field, and wherein: each member client device of the group knows the join field of the encryption key; each node of the key distribution system is associated with a leave key; the leave field of the encryption key is derived from the leave key of the root node; and the first key of parent nodes in the tree is generated from the first key of each of its child nodes by two one-way functions and a mixing function, the mixing function including an offset representing a distance between two chains of one-way functions, as a parameter.
Dependent claims 39 to 44 (not reproduced here) depend on claim 38.
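As an added worked example (not the patent's own code), the following Python models the leave-key tree described in the abstract and in claims 1, 22 and 38: when a member leaves, the server allocates fresh keys to the affected branch, publishes one offset per affected child node in the clear, and a remaining member climbs from its own leaf key to the root leave key using only those offsets, while the departed member cannot. The one-way function (tagged SHA-256, a single function where the claims use two), the XOR mixing function, the 32-byte random keys and the node names are assumptions of the example.

```python
import hashlib
import os

# Added illustration of the abstract's leave-key tree, not the patent's own code.
# Assumptions: one-way function = tagged SHA-256, mixing function = XOR, 32-byte
# random keys. Tree: "r" -> "a","b"; "a" -> "m1","m2"; "b" -> "m3","m4".
TREE = {"m1": "a", "m2": "a", "m3": "b", "m4": "b", "a": "r", "b": "r"}  # child -> parent

def one_way(key: bytes) -> bytes:
    return hashlib.sha256(b"leave-key-up|" + key).digest()

def mix(x: bytes, offset: bytes) -> bytes:
    return bytes(p ^ q for p, q in zip(x, offset))

def path_to_root(parent_of: dict, node: str) -> list:
    path = [node]
    while path[-1] in parent_of:
        path.append(parent_of[path[-1]])
    return path

class KeyServer:
    def __init__(self, parent_of: dict):
        self.parent_of = dict(parent_of)
        self.keys = {n: os.urandom(32) for n in set(parent_of) | set(parent_of.values())}
        # offset_c = one_way(K_child) XOR K_parent; it reveals K_parent only to holders of K_child
        self.offsets = {c: self._offset(c) for c in self.parent_of}

    def _offset(self, child: str) -> bytes:
        return mix(one_way(self.keys[child]), self.keys[self.parent_of[child]])

    def remove_member(self, leaf: str) -> dict:
        """Drop a leaf, allocate fresh keys to every node on its former branch and
        return the offsets that changed (the only message that is broadcast)."""
        branch = path_to_root(self.parent_of, self.parent_of.pop(leaf))
        del self.keys[leaf]
        del self.offsets[leaf]
        for node in branch:
            self.keys[node] = os.urandom(32)
        changed = {c for c, p in self.parent_of.items() if p in branch}  # branch nodes + siblings
        for c in changed:
            self.offsets[c] = self._offset(c)
        return {c: self.offsets[c] for c in changed}

def derive_root_key(parent_of: dict, leaf: str, leaf_key: bytes, offsets: dict) -> bytes:
    """Member side: climb from the leaf using only its own key and the public offsets."""
    key = leaf_key
    for node in path_to_root(parent_of, leaf)[:-1]:
        key = mix(one_way(key), offsets[node])
    return key
```

Removing m4 changes only three offsets (m3, b and a), and any member still in the tree recovers the new root leave key from its unchanged leaf key, which is the communication saving the abstract describes.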