A Scalable Extension of Group Key Management Protocol

R. Poovendran, S. Ahmed, S. Corson and J.Baras

ARL Federated Laboratory 2nd Annual Conference, University of Maryland, College Park, Maryland, February 2-6, 1998

Abstract

This paper presents a robust, scalable extension to the recently proposed multicast Group Key Management Protocol (GKMP) ([1], [2]), in terms of security administration. The GKMP has two major security related problems: (a) lack of any mechanism to remove a compromised group administrator, and (b) lack of scalability. We are able to remove a compromised single panel member from generating the group keys by setting the panel members with shared authority to generate the group keys. We then introduce the sub-controllers who have all the functionalities of the group control panel except the authority to generate the group keys. The sub-control panel helps scalability of the network in terms of the security operations. The sub-controllers are chosen using a threshold-based clustering algorithm.