Dual encryption protocol for scalable secure group communication
Inventors: Dondeti, Lakshminath R.; Mukherjee, Sarit; Samal, Ashok
Assignee: Matsushita Electric Industrial Co., Ltd. (Osaka, JP)
Primary Examiner: Swann; Tod
Assistant Examiner: Callahan; Paul E.
Attorney, Agent or Firm: Harness, Dickey & Pierce, P.L.C.
A logical tree structure and method for managing membership in a multicast group provides scalability and security from internal attacks. The structure defines key groups and subgroups, with each subgroup having a subgroup manager. Dual encryption allows the sender of the multicast data to manage distribution of a first set of encryption keys, whereas the individual subgroup managers manage the distribution of a second set of encryption keys. The two key sets allow the sender to delegate much of the group management responsibility without compromising security, because a key from each set is required to access the multicast data. Security is further maintained via a method in which subgroup managers can be either member subgroup managers or participant subgroup managers. Access to both keys is provided to member subgroup managers, whereas access to only one key is provided to participant subgroup managers. Nodes can be added without the need to generate a new encryption key at the top level, which provides improved scalability.
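The two-key requirement described in the abstract can be sketched as two nested wrapping layers around a data key. This is an added example, not code from the patent: the layering order, the re-wrapping step at a participant subgroup manager, the toy HMAC-based cipher and every function and variable name are assumptions made for illustration.

```python
# Added illustration: toy stdlib primitives, hypothetical names, constructed keys.
import hashlib, hmac, secrets

def _sub(key, label):  # separate encryption and MAC subkeys
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key, nonce, n):  # HMAC-SHA256 in counter mode as a toy keystream
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def wrap(key, data):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(_sub(key, b"enc"), nonce, len(data))))
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unwrap(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified blob")
    return bytes(a ^ b for a, b in zip(ct, _stream(_sub(key, b"enc"), nonce, len(ct))))

def sender_publish(data_key, kek, subgroup_key):
    # Assumed layering: inner layer from the sender's set, outer from the SGM's set.
    return wrap(subgroup_key, wrap(kek, data_key))

def participant_sgm_forward(blob, upstream_key, downstream_key):
    # Holds second-set keys only: swaps the outer layer, inner layer stays sealed.
    return wrap(downstream_key, unwrap(upstream_key, blob))

def member_recover(blob, kek, subgroup_key):
    return unwrap(kek, unwrap(subgroup_key, blob))

def can_open(blob, key):
    try:
        unwrap(key, blob)
    except ValueError:
        return False
    return True

def demo():
    data_key, kek, sg_up, sg_down = (secrets.token_bytes(32) for _ in range(4))
    blob = sender_publish(data_key, kek, sg_up)
    fwd = participant_sgm_forward(blob, sg_up, sg_down)
    inner = unwrap(sg_up, blob)  # everything a participant SGM ever sees
    return (member_recover(fwd, kek, sg_down) == data_key,   # member: both keys
            can_open(inner, sg_up) or can_open(inner, sg_down),  # SGM: one set
            can_open(fwd, kek))                                 # first-set key alone
```

`demo()` returns `(True, False, False)`: only a holder of one key from each set recovers the data key, and the sender-managed key never changes when the outer layer is swapped for a new subgroup.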
DETAILED DESCRIPTION

The present invention relates generally to multicasting. More particularly, the invention relates to a dual encryption protocol for scalable secure group communication. With the widespread use of the Internet, securing data transmissions is an important requirement for many applications. Several protocols exist to address security in data networks with respect to unicasting. Unfortunately, these protocols cannot be easily extended to protect multicast data.

Multicasting poses several problems that do not come up in securing unicast data transfers. First, multicast addresses are not private, which enables any interested host to join the multicast session without any hindrance. Next, multicast data is transmitted over many channels of the network, which presents multiple opportunities for attacks such as eavesdropping. Furthermore, any host in the Internet can send irrelevant data to the multicast group, which may cause congestion. The universal knowledge of multicast addresses also allows any host to pose as a member of the group, thereby allowing it to gain access to the multicast data. Finally, adversaries can possibly disrupt the multicast protocol itself by posing as legitimate members of the group.

Multicasting is a scalable way of transmitting data to a group of hosts, and any secure multicasting protocol must be scalable as well. A secure group communication protocol should provide group membership control, secure key distribution, and secure data transfer. If the multicast group membership is dynamic, i.e., if the group members join and leave during the course of a multicast session, the secret keys need to be updated accordingly. In other words, members of a multicast session must not be able to access the multicast data transmitted before their membership has begun or after their membership has expired.
Scalability in this context implies that the overhead involved in key updates, data transmission and encryption must be independent of the size of the multicast group