Research on Key Management Protocols and Encryption Schemes for Multi-Privileged Multicast Communication
Abstract
With the rapid development of network technologies, more and more multimedia applications and services are provided over the Internet. Group communication was proposed to meet the demand for individualized services by organizing computing resources efficiently and constructing secure network applications that meet users' needs. As group communication moves from theory into practical application, its security issues become increasingly prominent, and those of multi-privileged group communication are harder to solve than those of traditional (single-privilege) group communication.
This thesis first reviews the existing group key management schemes. Because the key graphs in these schemes are binary trees, which scale poorly, we propose a one-way function and multiway tree-based group key management protocol (OMGM). Building the key graph on a multiway tree lowers the height of the key tree and so reduces the key storage, key update and network overhead of both the server and the users. In addition, the protocol uses a random number to assist key updating, which greatly reduces the network bandwidth otherwise spent on broadcasting new keys during a rekey.
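The two overheads named above, keys stored per member and messages sent per rekey, can be made concrete with a small model. The following Python is an added example, not code from the thesis: an LKH-style key tree of degree d in which each member holds the keys on the path from its leaf to the root, a join is handled by broadcasting one random nonce r so that surviving members derive k' = KDF(k, r) for every key on the newcomer's path, and a leave replaces every key the leaver knew and wraps each replacement under the surviving child keys. The heap-style node numbering, the HMAC-SHA256 key derivation and the toy key wrap are this example's own assumptions; the exact rekeying rules and message formats of OMGM are not given on this page and are not reproduced here.

```python
"""Added example: LKH-style key tree of degree d with a one-way-function join.
Node numbering, the HMAC-SHA256 KDF and the toy key wrap are assumptions of
this example, not OMGM's actual rules."""
import hashlib
import hmac
import os

def kdf(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def wrap(key: bytes, data: bytes) -> bytes:
    # Toy 32-byte key wrap (HMAC pad, then HMAC tag) so the example needs only
    # the standard library; a real system would use AES-KW or an AEAD.
    pad = kdf(key, b"pad")
    ct = bytes(a ^ b for a, b in zip(data, pad))
    return ct + kdf(key, b"mac" + ct)

def unwrap(key: bytes, blob: bytes) -> bytes:
    ct, tag = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, kdf(key, b"mac" + ct)):
        raise ValueError("key-wrap tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, kdf(key, b"pad")))

def path(d: int, leaf: int) -> list:
    """Nodes from a leaf up to the root (node 0); children of v are d*v+1..d*v+d."""
    p = [leaf]
    while p[-1] != 0:
        p.append((p[-1] - 1) // d)
    return p

class Member:
    def __init__(self, d: int, keys: dict):
        self.d, self.keys = d, dict(keys)     # keys[0] is the group key

    def on_join(self, leaf: int, r: bytes) -> None:
        # Only keys shared with the newcomer's path change; derive them locally.
        for v in path(self.d, leaf)[1:]:
            if v in self.keys:
                self.keys[v] = kdf(self.keys[v], r)

    def on_leave(self, msgs: list) -> None:
        # Messages are bottom-up, so a key learnt at one level unwraps the next.
        for under, target, blob in msgs:
            if under in self.keys:
                self.keys[target] = unwrap(self.keys[under], blob)

class KeyServer:
    def __init__(self, d: int, height: int):
        self.d, self.h = d, height
        self.first_leaf = (d ** height - 1) // (d - 1)      # number of inner nodes
        self.keys = {v: os.urandom(32) for v in range(self.first_leaf + d ** height)}
        self.leaf_of, self.members = {}, {}

    def join(self, mid: str) -> int:
        """Admit mid; returns the number of broadcast messages (always one)."""
        used = set(self.leaf_of.values())
        leaf = next(v for v in range(self.first_leaf, len(self.keys)) if v not in used)
        self.leaf_of[mid] = leaf
        self.keys[leaf] = os.urandom(32)                    # fresh individual key
        r = os.urandom(16)
        for v in path(self.d, leaf)[1:]:
            self.keys[v] = kdf(self.keys[v], r)             # newcomer lacks old k
        for m in self.members.values():
            m.on_join(leaf, r)
        # The newcomer's path keys go by unicast under its registration key,
        # assumed authenticated out of band; the broadcast carries only (leaf, r).
        self.members[mid] = Member(self.d, {v: self.keys[v] for v in path(self.d, leaf)})
        return 1

    def leave(self, mid: str):
        """Evict mid; returns (number of rekey messages, the evicted member)."""
        leaf, gone = self.leaf_of.pop(mid), self.members.pop(mid)
        msgs = []
        for v in path(self.d, leaf)[1:]:
            self.keys[v] = os.urandom(32)
            for c in range(self.d * v + 1, self.d * v + self.d + 1):
                if c != leaf:                               # never under the leaver's key
                    msgs.append((c, v, wrap(self.keys[c], self.keys[v])))
        for m in self.members.values():
            m.on_leave(msgs)
        return len(msgs), gone

def run(d: int, height: int, n: int) -> dict:
    """Join n members into d**height slots, then u0 leaves; report costs and checks."""
    srv = KeyServer(d, height)
    for i in range(n - 1):
        srv.join(f"u{i}")
    old_gk = srv.keys[0]
    join_msgs = srv.join(f"u{n - 1}")
    backward = old_gk not in srv.members[f"u{n - 1}"].keys.values()
    leave_msgs, gone = srv.leave("u0")
    return {"keys_per_member": height + 1, "join_broadcasts": join_msgs,
            "leave_messages": leave_msgs, "backward_secrecy": backward,
            "forward_secrecy": gone.keys[0] != srv.keys[0],
            "members_agree": all(m.keys[0] == srv.keys[0] for m in srv.members.values())}

if __name__ == "__main__":
    for d, h in ((2, 3), (4, 2), (8, 1)):                   # 8 member slots each
        print(d, run(d, h, 8))
```

Running the block with eight member slots shows the height effect: degree 2 needs 4 keys per member and 5 leave messages, degree 4 needs 3 keys and 7 leave messages, degree 8 needs 2 keys and 7 leave messages, and a join costs one broadcast whatever the degree. The trade-off to notice is that a wider tree cuts per-member storage and join cost but raises the encryptions per leave (d*h - 1 in this model), so the degree is chosen against the expected leave rate. The check worth keeping in any such implementation is the one in run(): after a leave the evicted member's group key must differ from the server's, after a join the newcomer must not hold the previous group key, and every remaining member must agree with the server.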
In addition, this thesis proposes a scalable encryption scheme for multi-privileged group communications (EMGC) based on attribute-based encryption (ABE). Attributes describe the data streams in the group communication, and each ciphertext is labelled with an access control structure and with the set of legal users' IDs; forward and backward secrecy follow from this dual restriction of attributes and ID set. Based on the features of different multi-privileged group communication systems, two constructions of EMGC are given. Construction 1 suits systems in which users switch between service groups frequently and has a small public key; Construction 2 trades public key size against ciphertext size and keeps the computational overhead of the server and the users low during multicast messaging.
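What the dual restriction means mechanically, an attribute policy that the receiver's attributes must satisfy and a legal-ID set that the receiver must belong to, is shown by the following added example. It is a standard-library model written for this page, not the EMGC construction: the attribute side is genuine threshold secret sharing over a policy tree, which is the combinatorial core of ciphertext-policy ABE decryption, while the pairing-based components are replaced by per-attribute and per-user symmetric keys with XOR masking. Two consequences of that stand-in should be stated plainly. The ID component here grows linearly with the legal-ID set, and the model is not collusion resistant, since two users could pool attribute keys; resisting exactly that is what real ABE achieves by binding each user's attribute keys to a per-user random value. The policy tree, the user names and the attribute names are constructed for the example.

```python
"""Added example: an attribute policy plus a legal-ID set as a dual restriction
on one ciphertext. The secret sharing over the policy tree is real; the symmetric
masking that replaces the pairing-based parts of ABE is this example's assumption."""
import hashlib
import hmac
import os
import secrets

P = 2 ** 127 - 1                        # prime field for the shares
AND = lambda *kids: (len(kids), list(kids))   # k-of-n gate, k = n
OR = lambda *kids: (1, list(kids))            # k-of-n gate, k = 1

def mask(key: bytes, label: bytes) -> int:
    return int.from_bytes(hmac.new(key, label, hashlib.sha256).digest(), "big")

def share(secret: int, node, rnd=lambda: secrets.randbelow(P)) -> dict:
    """Shamir-share secret down a policy tree; a leaf is an attribute name.
    Assumes each attribute appears at most once in the tree."""
    if isinstance(node, str):
        return {node: secret}
    k, kids = node
    coeffs = [secret] + [rnd() for _ in range(k - 1)]
    out = {}
    for x, kid in enumerate(kids, 1):
        y = sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P
        out.update(share(y, kid, rnd))
    return out

def reconstruct(node, held: dict):
    """Recover a node's secret from the leaf shares held, or None if unsatisfied."""
    if isinstance(node, str):
        return held.get(node)
    k, kids = node
    pts = []
    for x, kid in enumerate(kids, 1):
        y = reconstruct(kid, held)
        if y is not None:
            pts.append((x, y))
        if len(pts) == k:
            break
    if len(pts) < k:
        return None
    total = 0                            # Lagrange interpolation at x = 0
    for x, y in pts:
        num = den = 1
        for x2, _ in pts:
            if x2 != x:
                num, den = num * -x2 % P, den * (x - x2) % P
        total = (total + y * num * pow(den, P - 2, P)) % P
    return total

def encrypt(policy, legal_ids, attr_keys: dict, user_keys: dict):
    """Return (ciphertext labelled with policy and ID set, content key)."""
    nonce = os.urandom(16)
    s_attr, s_id = secrets.randbelow(P), secrets.randbelow(P)
    ct = {"nonce": nonce, "policy": policy,
          "attr_ct": {a: y ^ mask(attr_keys[a], nonce)
                      for a, y in share(s_attr, policy).items()},
          "id_ct": {u: s_id ^ mask(user_keys[u], nonce) for u in legal_ids}}
    return ct, hashlib.sha256(f"{s_attr}|{s_id}".encode()).digest()

def decrypt(ct: dict, uid: str, user_key: bytes, my_attr_keys: dict):
    """Content key if uid is a legal ID and its attributes satisfy the policy."""
    if uid not in ct["id_ct"]:                         # ID restriction
        return None
    s_id = ct["id_ct"][uid] ^ mask(user_key, ct["nonce"])
    held = {a: ct["attr_ct"][a] ^ mask(k, ct["nonce"])
            for a, k in my_attr_keys.items() if a in ct["attr_ct"]}
    s_attr = reconstruct(ct["policy"], held)           # attribute restriction
    if s_attr is None:
        return None
    return hashlib.sha256(f"{s_attr}|{s_id}".encode()).digest()

def scenario() -> dict:
    """Constructed users and streams: alice is revoked, carol joins later."""
    attr_keys = {a: os.urandom(32) for a in ("premium", "eu", "us")}
    user_keys = {u: os.urandom(32) for u in ("alice", "bob", "carol")}
    holds = {"alice": ("premium", "eu"), "bob": ("eu",), "carol": ("premium", "us")}
    hd = AND("premium", OR("eu", "us"))                # policy on the HD stream
    ct1, k1 = encrypt(hd, {"alice", "bob"}, attr_keys, user_keys)    # carol absent
    ct2, k2 = encrypt(hd, {"bob", "carol"}, attr_keys, user_keys)    # alice gone

    def dec(ct, u):
        return decrypt(ct, u, user_keys[u], {a: attr_keys[a] for a in holds[u]})

    return {"alice_reads_ct1": dec(ct1, "alice") == k1,
            "bob_lacks_attributes": dec(ct1, "bob") is None,
            "alice_revoked_from_ct2": dec(ct2, "alice") is None,  # forward secrecy
            "carol_cannot_read_ct1": dec(ct1, "carol") is None,   # backward secrecy
            "carol_reads_ct2": dec(ct2, "carol") == k2}

if __name__ == "__main__":
    print(scenario())
```

The scenario exercises each half of the restriction separately: bob is in the ID set but lacks the premium attribute, alice has the attributes but has been dropped from the ID set of the later ciphertext (forward secrecy), and carol, who joins later, is absent from the earlier ciphertext's ID set (backward secrecy). A practitioner reading this against the abstract should keep in mind which parts are modelled and which are not: the content key depends on both secrets, so neither the attribute keys alone nor ID membership alone recovers it, but the collusion resistance and compact ID handling that the real scheme needs come from the pairing-based construction, not from anything in this block.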
This thesis thus studies and solves several security issues in multi-privileged group communication, covering the design of a group key management protocol and of an encryption scheme. Together they secure multi-privileged group communication, handle key distribution and updating, reduce the computational and storage overhead of servers and users, and reduce the network bandwidth consumed. These results are intended for practical deployment, to change the "much research, little application" state of multi-privileged group communication.