Multicasting is increasingly used as an efficient communication mechanism for group-oriented applications in the Internet. In order to offer secrecy for multicast applications, the traffic encryption key has to be changed whenever a user joins or leaves the system. Such a change has to be communicated to all the current users. The bandwidth used for such rekeying operation could be high when the group size is large. The proposed solutions to cope with this limitation, commonly called 1 affects n phenomenon, consist of organizing group members into subgroups that use independent traffic encryption keys. This kind of solutions introduce a new challenge which is the requirement of decrypting and reencrypting multicast messages whenever they pass from one subgroup to another. This is a serious drawback for applications that require real-time communication such as video-conferencing. In order to avoid the systematic decryption / reencryption of messages, we propose in this paper an adaptive solution which structures group members into clusters according to the application requirements in term of synchronization and the membership change behavior in the secure session. Simulation results show that our solution is efficient and typically adaptive compared to other schemes.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Kevin C. Almeroth , Mostafa H. Ammar, Collecting and Modeling the Join/Leave Behavior of Multicast Group Members in the MBone, Proceedings of the High Performance Distributed Computing (HPDC '96), p.209, August 06-09, 1996
	2	K. Almeroth and M. Ammar. Multicast group behaviour in the internet's multicast backbone (Mbone). IEEE communications Magazine, 1997.
	3	D. Balenson, D. McGrew, and A. Sherman. Key Management for Large Dynamic Groups : One-Way Function Trees and Amortized Initialization. draft-balenson-groupkeymgmt-oft-00.txt, February 1999. Internet-Draft.
	4	T. Ballardie , J. Crowcroft, Multicast-specific security threats and counter-measures, Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95), p.2, February 16-17, 1995
	5	R. Canetti and B. Pinkas. A Taxonomy of Multicast Security Issues, April 1999. Internet draft.
	6	André Schaff, Dynamic Group Communication Security, Proceedings of the Sixth IEEE Symposium on Computers and Communications, p.49, July 03-05, 2001
	7	Kin-Ching Chan and S.-H. Gary Chan. Distributed Servers Approach for Large-Scale Secure Multicast. The IEEE Journal On Selected Areas in Communications, 20(8):1500:1510, October 2002.
	8	Hao-hua Chu , Lintian Qiao , Klara Nahrstedt , Hua Wang , Ritesh Jain, A secure multicast protocol with copyright protection, ACM SIGCOMM Computer Communication Review, v.32 n.2, p.42-60, April 2002  [doi>10.1145/568567.568570]
	9	Wei Dai. Comparison of popular cryptographic algorithms. http://www.eskimo.com/~weidai/benchmarks.html, 2000.
	10	S. E. Deering, Multicast routing in internetworks and extended LANs, Symposium proceedings on Communications architectures and protocols, p.55-64, August 16-18, 1988, Stanford, California, United States
	11	Lakshminath R. Dondeti, Sarit Mukherjee, and Ashok Samal. Comparison of Hierarchical Key Distribution Schemes. IEEE Globcom Global Internet Symposium, 1999.
	12	Lakshminath R. Dondeti, Sarit Mukherjee, and Ashok Samal. Survey and Comparison of Secure Group Communication Protocols, 1999. Technical Report.
	13	Lakshminath R. Dondeti, Sarit Mukherjee, and Ashok Samal. Scalable secure one-to-many group communication using dual encryption. Computer Communications, 2000.
	14	W. Fenner. Internet Group Management Protocol, version 2, November 1997. RFC 2236.
	15	Thomas Hardjono and Gene Tsudik. IP Multicast Security : Issues and Directions. Annales de telecom, 2000.
	16	H. Harney and C. Muckenhirn. Group Key Management Protocol (GKMP) Architecture, July 1997. RFC 2093.
	17	H. Harney and C. Muckenhirn. Group Key Management Protocol (GKMP) Specification, July 1997. RFC 2094.
	18	Paul Judge and Mostafa Ammar. Security Issues and Solutions in Multicast Content Distribution: A Survey. IEEE Network, pages 30--36, January/February 2003.
	19	Leonard Kleinrock. Queueing Systems. John Wiley & Sons, January 1975.
	20	Suvo Mittra, Iolus: a framework for scalable secure multicasting, Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication, p.277-288, September 14-18, 1997, Cannes, France
	21	Rolf Oppliger , Martin Bracher , Andres Albanese, Distributed registration and key distribution for online universities, Proceedings of the IFIP TC6/TC11 international conference on Communications and multimedia security II, p.166-175, September 1997, Essen, Germany
	22	Federal Information Processing Standards Publication. Data Encryption Standard (DES), December 1993. FIPS PUB 46.
	23	Federal Information Processing Standards Publication. Digital Signature Standard (DSS), May 1994. FIPS PUB 186.
	24	Federal Information Processing Standards Publication. Advanced Encryption Standard (AES), November 2001. FIPS PUB 197.
	25	Sandro Rafaeli , David Hutchison, A survey of key management for secure group communication, ACM Computing Surveys (CSUR), v.35 n.3, p.309-329, September 2003  [doi>10.1145/937503.937506]
	26	R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978  [doi>10.1145/359340.359342]
	27	Sanjeev Setia , Samir Koussih , Sushil Jajodia , Eric Harder, Kronos: A Scalable Group Re-Keying Approach for Secure Multicast, Proceedings of the 2000 IEEE Symposium on Security and Privacy, p.215, May 14-17, 2000
	28	Clay Shields , J. J. Garcia-Luna-Aceves, KHIP—a scalable protocol for secure multicast routing, Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication, p.53-64, August 30-September 03, 1999, Cambridge, Massachusetts, United States
	29	Jack Snoeyink, Subhash Suri, and George Vorghese. A Lower Bound for Multicast Key Distribution. IEEE INFOCOM'01, 2001.
	30	M. Waldvogel, G. Caronni, D. Sun, N. Weiler, and B. Plattner. The VersaKey Framework : Versatile Group Key Management. IEEE Journal on Selected Areas in Communications (Special Issues on Middleware), 17(8):1614--1631, August 1999.
	31	D. Wallner, E. Harder, and R. Agee. Key Management for Multicast : Issues and Architecture. National Security Agency, June 1999. RFC 2627.
	32	Chung Kei Wong , Mohamed Gouda , Simon S. Lam, Secure group communications using key graphs, Proceedings of the ACM SIGCOMM '98 conference on Applications, technologies, architectures, and protocols for computer communication, p.68-79, August 31-September 04, 1998, Vancouver, British Columbia, Canada
	33	Yang R Yang , Steve Li , X. B Zhang , Simon S. Lam, Reliable Group Rekeying: A Performance Analysis, University of Texas at Austin, Austin, TX, 2001