|
SIGMETRICS 2001 / Performance 2001Towards Scalable and Reliable Group Key Management |
| Authors |
|
Yang Richard Yang <yangyang@cs.utexas.edu> Xiaozhou Li <xli@cs.utexas.edu> Xincheng Zhang <zxc@cs.utexas.edu> Simon S. Lam <lam@cs.utexas.edu>
Department of Computer Sciences, The University of Texas at Austin
|
| Abstract |
| In secure group communications, members of a group share a group key. A key server provides access control to the group key as well as reliable rekeying for group members whenever the key changes. In this paper, we investigate scalability issues of reliable group rekeying, and provide a performance analysis of our group key management system (called keygem) based upon the use of key trees. Instead of rekeying at every join or leave, we propose periodic batch rekeying to improve scalability and alleviate an out-of-sync problem between keys and data. Our analyses show that batch rekeying can achieve large performance gains. We then investigate reliable multicast of rekey messages using proactive FEC. We observe that reliable group rekeying has a soft real-time requirement and the rekey workload has a sparseness property, that is, each group member only needs to receive a small fraction of the packets that carry a rekey message sent by the key server. We then investigate tradeoffs between server and receiver bandwidth requirements versus group rekey interval. We also show how to determine the maximum number of group members a key server can support. |