Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.

www.iiste.org

BKSGKMP: Blind Key Sequenced Group Key Management Protocol

S Archana Reddy Tudi Ram Reddy Institute of science & Technology, JNTU Bibinagar, Gudur, Andhra Pradesh, India E-mail: archanareddys22@gmail.com J Srikanth Auroras Engineering College, JNTU Bhongiri, Andhra Pradesh, India E-mail: jsrikanth@aurora.ac.in Abstract Group communication is erupting in Internet world through social network, online chatting, Video/audio conferencing and games. As internet is free and open environment and also the major medium of communication, information security is the most important concern. Hence, the group members must be provided with security services such as authentication, confidentiality, integrity and access control among themselves. To serve these provisions, the group members must use a Group Key (GK), used to encrypt or decrypt the message delivered/received. Many efficient and secure key generation techniques are developed for Group Keys. Of these, Tree based Group Diffie Hellman (TGDH) group key agreement protocol is one of the most efficient. As internet, having distributed computers has the characteristic of heterogeneity i.e. a person can access internet either through PC, laptop, mobile computer, etc. Thus, TGDH and other group key agreement protocols have the assumption that all the GK accessing people have the same capacity of computing. Hence, this research considers all the dimensions including various diversities and improves efficiency of GK generation process by moving off low performing candidates. Key Words: Group key management, Scalability, Secure multicast, Re-keying.

1. Introduction As we all know, today group communication act is mostly done through internet world through various social networks, applications, video/audio conferencing etc. Security plays a major role in such contexts. As earlier paper (Wong et al. 2000) argues that the process of authentication and key sharing is done before the start of group communication session. As the GK has a vital role in group communication, all the group members donate for its generation and usage. On the other hand, it has been reported that (Steiner et al. 2000) that the GK generation process has many modular exponentiations included in it, making the process take a long time for computation even if the number of members in the group are less (approx 100) . To provide tight security Wong et al. (2000) specified that the GK must be changed after every updating of group members in order to provide privacy to every set of group members .Thus, GK management is more concerned about the generation of efficient GK this point was made number of times Kim et al. (2000) that the modular exponentiation which depends on number of group members is a costly process. The usage of key trees in this context serves the purpose best by reducing the overhead of huge computations. TGDH is one such tree based group key agreement protocol. The efficiency of TGDH is O(log2n), n representing number of group members. One major drawback of TGDH is that it remains efficient until tree is kept correctly balanced. But balancing a key tree is another problem to deal with. Moreover, according to TGDH as well as other key management protocols, all the group members are in homogeneous environment. But, in reality,

160

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3

www.iiste.org

internet is a distributed computer network having the characteristic of heterogeneity, having different modes of accessing media (PC, laptop, mobile). This may leads to some computation problems as person working from mobile internet takes more time compared to person working from any workstation or PC. Also, if a person in a group is far away from the other members in terms of location or in network latency area, the GK generation process may become inefficient as several message sharing practices are required while generating GK. Thus, such members leading to degradation of performance of GK generation process is deleted from the list. If instead of tree-based, we use queue-based DH group key protocol, it improves latency of network and the heterogeneity of the network world. Still it has an overhead of balancing tree every time the group members are updated. The queue based DH protocol provides a Queue based divide and conquer algorithm, which needs comparatively less maintenance to accomplish the task. This queue based mechanism is used to identify the fast and low performance members. The process of identifying fast and low performance members is different in prior and proposed agreements. While tree-based group key agreement does it by comparing elapsed times of the members to compute their public keys, the proposed protocol uses Group key Controller Server (GCS). GCS asks all the members to compute their keys and store it in its queue. It follows First-In - First- Out (FIFO) strategy to store and retrieve the data from the queue. The keys of the members are stored from right to left based on their performance i.e. fastest on right followed by lowest on the left. The proposed queue based protocol does not have additional overhead of tree balancing. As security and efficiency are major concerns for the group communication, low performance members are found and logged off from the group. Thus, this research is primarily concerned about improving GK generating process by increasing its usability to the peak level. 1.1. Related work Group communication can be at different levels it can range from the level of multi casting to the level of conferencing using groupware or social networking applications. Many security services are indulged in the communication process to provide high level of security. This can be done by following security mechanisms for key distribution and communication session. The key management wing is the base for the secure communication as it is the one concerned with safe key generation and distribution. Another main aspect to consider for safer communication is to have a secure channel to destine our messages correctly. In node to node communication, the management of GK can be done in two ways. First is the Centralized group key distribution which makes use of a key server for GK management. In this method the generation and distribution of GK can be made possible with the use of a Trusted Third Party (TTP). But, this approach may have two drawbacks Firstly: TTP should be always available and Secondly : TTP should be a member of every subset of the group to allow the continuous operation even in the cases of network distribution. The first drawback is has been effective as Kim (2004) claims with fault tolerance and replication methodologies. The second drawback is that it is impossible to attain in an efficient procedure. In one-to-many multicast cases, the centralized technique serves well, because in this case the TTP is physically near to the communication source and thus can support continuous operation even in the case of network distribution. But, mostly one-to-many multicast process is aimed at only partition having the source. In case of dynamic node to node communication, the communication must be continuous even if the number of network partitions is variable. Kim et al. (2004) argues that in such cases, centralized technique may not be suited well. For these exclusive cases, the second approach is more applicable, i.e. decentralized group key distribution also called group key agreement. It includes the generation and distribution of key dynamically. Unlike centralized key distribution which is based on single entity, contributory distribution is a contribution based key management technique. It requires contribution from every group member for the GK. This avoids the need of TTP and thus avoiding single point failure. This approach is well applicable to peer-to-peer communication, since it allows contribution for shared key from all the peers. Hence, this research is concerned with the decentralized and contributory GK management. Presently, there are five key agreement protocols available. They are: 1. CKD (Centralized Key Distribution) One possible definition (Amir et al. pp.330-343, 2000) is CKD and GDH are similar to each other except that CKD has a CKD center to generate and distribute GK to every group member. GK = gK1K2K3K4Kn-1Kn 2. BD (Burmester-Desmedt)

161

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3

www.iiste.org

On other hand, it has been reported (Burmester et al, pp. 275-286, 1994.) that this protocol allows dynamic group functions. It has less computational overhead due to the presence of two modular exponentiations. But, it has a drawback of needing large message exchanges for the generation of GK. GK = gK1K2+K2K3++Kn-1Kn 3. TGDH (Tree based Group Diffie Hellman) Kim (2004) argued that it is one of the most efficient group key agreement protocols having less communication and computation (O(log n) modular exponentiation) overhead. It has the advantage of provides robustness.

G K= g
g

k k k k..... g 1 2g 3 4

kng .... 1

kn g n 1k

4. GDH (Group Diffie Hellman) Steiner & Tsudik (2000) argues that this protocol though assures high level of security, has included high computational cost too (O(n) modular exponentiation) and it hardly provide robustness. GK = gK1K2K3K4Kn-1Kn 5. STR (Skinny Tree) Wong & Gouda (2000) argues that it is updated to support dynamic group operations. It has the advantages of low communication overhead, robustness and well suited to add new member in the group. The only backlog of this protocol is it is difficult to exclude a group member (O(n) modular exponentiation)

G K= g

kn g

k1 kn 1 .... k2 g g

1.2. Tree- based Group Diffie Hellman (TGDH) It is a tree based extension of DH key exchange protocol. The computation of GK plays a major role for a secure group communication. Hence, this point has been made a number of times (Tsudik 2000, 2004; Burmester, and Desmedt 1994; Fratto 2001; Kim & Perrig 2004; Steiner & Waidner 2000; Wong, Gouda & Lam2000) but the each group member has his contribution for the key computation. Thus, GK management mainly aims at decrementing GK computational overhead which occurs due to the inherent expensive cryptographic operations [19]. Hence, to reduce the overhead of GK computation, a key tree structure is adapted which reduces the number of times of computations. On other hand, Amir et al (2000 pp. 330-343) has reported that the key trees are even implemented in centralized group key generation to decrease the complexity of key management Hong & Benitez (2006) argues that the TGDH is one of such Group key Generation Protocols (GKGPs). Let us consider an example.

162

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3

www.iiste.org

Figure 1: A binary tree for generating group key In the binary key tree for generating a GK in Figure 1, each node < l, v > represents a vth node at level l in the tree and node < l, v >s secret (private) key K<l, v> and a blind (public) key BK<l, v> = f (K<l, v>) = gK<l, v>mod p, where g and p are 1,024 bit long integers. Every member holds the secret key along the key path. For simplicity, assume each member knows the blind keys in the key tree. The key paths are the shadowed nodes (node < 0, 0 >, < 1, 0 > and < 2, 0 >) in Figure 1. The final group key K < 0, 0 > in Figure 1 is computed with the key paths using blind keys BK<3, 0>, BK<3, 1>, BK<2, 1>, BK<2, 2>, BK<3,2>, and BK<3, 3> . Therefore, the final group key can be computed as Equation (1):

K< 0 , 0 = >

gg

k< 3 ,0

k> 3 ,1<

k2 g > ,1

< g k 2 >,2

k < g 3 ,2

k 3 ,3 >

<

>

<

>

(1) Even TGDH has two drawbacks First balancing GK generation tree which is an overhead. The balance process should maintain the efficiency of the GK computation to O (log2n). Else, the performance goes worse. The second drawback is the members diversity when a new member joins the group. The updating of a new member from a diverse environment may disturb the time for key generation. Hence, to deal with these problems, we introduce a new protocol. 1.3. Problem definition The members in the group apart from being in distributed environment can be physically varied over internet. Moreover, the members can be in the environment with the characteristic of heterogeneity. Standard GK agreement protocols make all the group members to donate for the generation of GK. Furthermore, any member leading to degrade of performance is logged off and the members having fast performance must be authorized to contribute in the generation and distribution of GK. The GKGP depends upon the computing capacity of group members and network latency. Hence, in order to avoid the time delay and performance degradation, we better delete less performance candidates from the management process. 2. Blind Key sequenced group key management protocol [BKSGKMP] The below figure shows the Blind Key Sequenced Group key entity model. The BKSGKMP has a database having the list of currently login members, user IDs, their passwords, MAC (Media Access Control) addresses and Blind key queues. Hong, & Benitez (2005) argues that the whenever a member logins to the server, it compares his ID, password and MAC address from the database in the server. After authenticating group members, they participate in the GK generation by storing their respective blind keys into the server. The server, now, saves all such keys into a queue called Blind Key Queue (BKQ) in FIFO order. Later, the server announces the members who will involve in the GK generation at the next stage.

163

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3

www.iiste.org

Figure 2: Blind Key Sequenced Group key entity model On other hand, Moser et al.(1994) reported that the BKSGKMP is very much equivalent to Virtual Synchrony (VS) which makes use of a client daemon program for managing the members. VS runs on every machine of member and synchronizes with every member to manage the members with every update of the group members set. VS is used to know the status of all other members of the group. But, the usage of VS may be complicated as it needs to synchronize every member of the group because members keep on changing their status and thus need a lot of exchanges. Thus, BKSGKMP uses GCS server which reduces the effort of maintaining daemons. Hence, GCS is taken care by only one machine in our protocol. Present process of authentication is to use a self signed certificate. But, it lacks to make sure that the sign is from the actual member or not. Hence, to overcome this drawback we use GCS as a fully trusted party. The threat model considers both passive and active outsiders (people who are not authenticated members). Eavesdropping is a passive outsider attack for finding out the keys where as inserting, removing, changing and delaying protocol messages can be considered as active outsider attacks. BKSGKMP invites only fast performing members having less network latency to participate in the GK generation and thus improving efficiency of the management system. The GK must be updated with every change in the set of group members. The details of the proposed procedure are explained as following:

164

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3

www.iiste.org

Fig 3: Set of BK queues in server Let us assume that number of group members is n and members are M1, M2, M3, M n-1, Mn for n<100. GCS asks all group members to compute blind key g Ki mod p, where 1<=i<=n, g is exponential base, p is a prime number and Ki is the ith private key. GCS collects all keys and save them in its queue according to FIFO order. This is used to identify fast performance candidates to invite them for GKGP at the next stage. The keys are stored from left to right i.e. placing keys of fast performance candidates at front and that of less performance candidates at the rear of the queue. Two factors are taken into consideration for computing performance of candidates. They are their computing capacity and network latency. Even if the performance of a candidate is high, if his message exchange time is more, then he is also considered to be a low performance candidate and thus be filtered. Thus, BKQ is used to determine performance considering both parameters at a time. The number of levels in the GK generation process is calculated by the number of group members. If group size is n, then number of levels will be log2(n+1). At level 1, blind key is generated followed by assigning two opposite blind keys together to next level. Then the members in the colored region are asked to calculate Diffie Hellman key exchange using those two blind keys and to save them in the queue in (First Come First Serve) FCFS order at each and every level. As in the figure 3, the fastest performing candidates key is stored at A1, second fastest at A2 and so on. The queue always allocate the key in the first cell, the key in the last one i.e. member of A1 has to compute with the member of An. Thus, the blind keys of those two spots will be computed. The process continues and the final GK is computed as

(2)

165

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3

www.iiste.org

Here, only members in the colored region are invited in GKGP of next stage. Thus BKSGKMP avoids delays and performance degradation. 3. Performance Analysis Here, we analyze the cost of computation and network latency for enter, exit, combine and divide of the BKSGKMP. To depict the performance of BKSGKMP, total elapsed time was found for various key generation protocols and they are compared to show that BKSGKMP is a better choice. Total elapsed time is the time from the joining into the group to the time when GKGP completes. The above mentioned information can be seen in the following figures from 4 to 7. 3.1. Membership Operations BKSGKMP must be capable of providing different functions to the members with every update of the group set. BKSGKMP provides some protocols to allow such functions. They are: 1. 3. Partition: a set of members divided from the group. Join: a person is added to the group.

2. Merge: a set of previously divided group is allowed to join with the present group. 4. Leave: a person is deleted from the group.
The analysis is mainly aimed at the complete number of control messages, the number of exchanges, drawbacks included and the cost of GKGP. The whole cost is the summation of all members costs included in the generation process at each stage. The proposed BKSGKMP is compared with all above mentioned various available GK agreement protocols. Let us see the comparison in the form of a table having the present group size, no. of members joined/ exited/merged which are denoted by n, m, k (m>=k) and p respectively.

Table 1: Communication and computation costs summary The above table compares the communication and computation costs of these five protocols is taken from Fratto (2001 pp. 69-77) Here, no. of rounds implies no. of exchanges happened between group members. Whenever a person enters into the group, GCS asks the existing members to compute a new blind key which is the foremost stage. In the next stage, all the blind keys are collected from all existing members. Where in join, two stages are required; we need only one stage in case of leaving, as exiting person just informs all other group members through a single broadcast. Moreover, the no. of messages exchanged is also reduced to half of the prior stage. The infinite series + r+ r2+..+ rn (n is infinite) is convergent and its sum is / (1-r) iff -1<r<1 [1]. Here, = n-1 and r=1/2.

166

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3

www.iiste.org

Hence, at last, no. of messages is calculated based on this series leading to sum as (n-1)/(1-1/2) = 2n-2. In case of division has the value (n-1)/m and r=1/2. Here, the value of varies from other ones. Finally, the no. of messages ((n-1)/m)/(1-1/2) must be multiplied with m. Hence, the whole no. of messages (2n-2) is same in all cases.

Table 2: Total messages in join and leave for BKSGKMP As it is known that modular exponentiation, which depends on number of group members, Fratto (2001) argues that this is more expensive operation in case of TGDH and STR [8]. Thus, there is a direct relationship between no. of group members and computational overhead. 3.2. Test Method In order to do concise comparisons, the values of g, k, p are taken 1,024 bits long in all calculations. Lenstra (1999) argued that these values are considered to be safe in present tech world. Apart from it, a technique is followed to calculate the delay. Here, n represents no. of existing group members for all the protocols, where n = 10, 20, 30, 40, 50 and 60. The test bed chosen for this trial is a 64 Intel Pentium machine running Windows XP. As it was assumed that all participators of GKGP are physically located uniformly across LAN (Local Area Network), one member from each area must act as GCS to control GKGP with out participating in the generation process. With every entry of a member, all the existing members calculate Blind keys and save it in the queue of BKQ; this is used to find out low performance members and to oust them. To perform analysis test, the elapsed times are calculated for every update of the group set. Tests are performed at GCS where the parameters of performance i.e. network latency and computational delay is calculated for each member by exchanging messages between group members. It was tested above 30 times by incrementing and decrementing a machine at a case. In case of LAN, the cost of computation is comparatively less, between 17sec and 25 sec to send messages of length 1,024 bits. It may not be considered if the no. of group members is 60 to the max. Most part of the calculated cost is due to computation. But, in case of WAN (Wide Area Network), the overhead is completely regarding other thing. The elapsed time from USA to Mozambique is 670 sec; where the same in case from USA to Thailand is 420 sec. Kim (2002) argued that the LAN is million times faster than WAN . Let us leave the WAN based concept for later research. Thus, to show the performance effectiveness of BKSGKMP, it was compared with other available protocols and thus proved. 3.3. Join Operation Results The main drawbacks we face are computation and communication costs. Figure 4 depicts that BD and GDH are not advisable in case of join cost (in terms of no. of group members). In the graphs, we denote x-axis with group size and y-axis with cost of computation. But, in the same event, BKSGKMP, STR and TGDH are considered effective as they make use of divide and conquer strategy to calculate GK. BKSGKMP is more efficient and is scaling logarithmic in case of exponentiation size. TGDH as well as STR make use of binary tree to calculate GK. BKSGKMP makes 2n-2 message exchanges which is large comparative to other protocols. The noticeable part here is that, the more no. of message exchanges does not adversely affect the efficiency as the time to exchange messages is 20 sec to the most. Hence, BKSGKMP is considered more efficient comparatively to tree based protocols.

167

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3

www.iiste.org

figure 4--- join cost comparison 3.4. Leave Operation Results The cost of exiting depends on the no. of members will be left in the group. Hence, the no. of members exiting from the group doesnt really affect. Hence, cost of leaving is similar to that of joining. But, in case of STR, the cost of exiting depends on the physical existence of the member exiting the group in the key generation tree. Hence, in STR exit cost is not same as entry cost. 3.5. Partition Operation Results For experimental results, the group is divided into smaller groups and is requested to calculate the GK of their individual groups. In case of BKSGKMP, STR and TGDH, the physical existence of the member do matter; where as it doesnt in case of BD and GDH. In TGDH each time a partition occurs, the members of the group have to update their binary trees which may not be feasible leading to TGDH as an inefficient protocol. But, in other protocols the result is similar to reverse of leave event. 3.6. Merge Operation Results The merge event happens after correcting the network error. The performances of all the protocols but GDH are better. The reason is that GDH depends on the no. of existing group members. Apart from it, it has n+2m+1 exponentiations and n+2m+1 communications. The same doesnt matter in other protocols where merge event is similar to that of leave one. Thus, it can be concluded that protocols with divide and conquer strategy perform consistent. Based on these results, BKSGKMP is better performing protocol apart from its large message exchanges. BKSGKMP makes use of a queue to calculate GK. Along with it, BKSGKMP considers heterogeneity and thus allow only certain members to join the group. Thus, heterogeneity is considered in case of distributed group members to improve the effectiveness of GKGP. 4. Conclusions Tight security mechanisms are needed to allow secure communication among the group members. Thus, a communication session must have security services to provide authentication, integrity, and confidentiality. Group Key (GK) is the primary and key part of the safe group communication. The performance of GK generation process, which is required for secure communication, may degrade due to less performing members. Thus, the generation process must be done is a more precise way but filtering less performing members. Many changes are occurring in the recent years as increase in usage of mobile computers, network clusters communication with standard servers. Apart from this, heterogeneity and distributed computer environment became common in the current internet world. Thus, GK management system must consider various parameters, differences and environments involved in the communication. These considerations as the basis, the effectiveness of BKSGKMP protocol in comparison to other protocols is proved. This protocol improves the efficiency by considering the parameters effecting the performance i.e. computational delay and network latency. Thus, this research is aimed at and thus proved that GKGP is more efficient and maximizes the applicability of communication.

168

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3
References

www.iiste.org

M. Abramowitz, and I. A. Stegun, Handbook of Mathematical Functions with Formulas, Graphs, and Mathematical Tables, 9th printing, New York: Dover, p. 10, 1972. Y. Amir, G. Ateniese, D. Hasse, Y. Kim, C. N. Rotaru, T. Schlossnagle, J. Schultz, J. tanton, and G. Tsudik, \Secure group communication in asynchronous networks with failures, Integration and experiments," IEEE International Conference on Distributed Computing Systems, pp. 330-343, 2000. Y. Amir, Y. Kim, C. N. Rotaru, J. Schultz, and J. Stanton, \Secure group communication using robust contributory key agreement," IEEE Transactions on Parallel and Distributed Systems, vol. 15, no. 4, pp. 468-480, Apr. 2004. Y. Amir, Y. Kim, and C. N. Rotaru, \On the performance of group key agreement protocols," ACM Transactions on Information and System Security, vol. 7, no. 3, pp. 457-488, 2004. E. Bresson, O. Chevassut, D. Pointcheval, amd J. Quisquater, \Provably authenticated group Diffie Hellman key exchange," Proceedings of the 8th ACM Conference on Computer and Communications Security, pp. 255-264, Philadelphia, PA, 2001. M. Burmester, and Y. Desmedt, \A secure and efficient conference key distribution system," Advancesin Cryptology - Eurocrypt'94, pp. 275-286, 1994. W. Diffie, and M. E. Hellman, \New directions in cryptography," IEEE Transactions on Information Theory, ITvol. 22, no. 6, pp. 644-654. Nov. 1976. M. Fratto, \In PKI Ww Trust?," Network Computing, vol.12, no. 18, pp. 69-77, Sep., 2001. S. Hong, and N. L. Benitez, \Media access control (MAC) address-based group key authentication scheme," The 9th World Multi conference on Systemics, Cybernetics and Informatics, pp. 160-164, Orlando, Florida, USA, July 2005. S. Hong, and N. L. Benitez, \Enhanced Group Key Computation Protocol," The 2006 International Conference on Security and Management (SAM'06), Las Vegas, USA, June 26-29, 2006. Y. Kim, A. Perrig, and G. Tsudik, \Simple and fault-tolerant key agr S. Hong, and N. L. Benitez eement for dynamic collaborative groups," The 7th ACM Conference on Computer and Communications Security, pp. 235-244, ACM Press, Athens, Greece, Nov. 2000. Y. Kim, A. Perrig, and G. Tsudik, \Communication efficient group key agreement," 17th International Information Security Conference (IFIP SEC'01), pp. 229-244, June 2001. Y. Kim, Group Key Agreement: Theory and Practice, Ph.D. thesis, May 2002. Y. Kim, A. Perrig, and G. Tsudik, \Tree-based group key agreement," ACM Transactions on Information and System Security, pp. 60-96, 2004. A. K. Lenstra, and E. R. Verheul. \Selecting cryptographic key sizes," 99 PricewaterhouseCoopers CCE newsletter, Nov. 1999. http://www.cryptosavvy.com/ L. E. Moser, Y. Amir, P. M. M. Smith, and D. A. Agarwal, \Extended virtual synchrony," Proceedings of the IEEE 14th International Conference on Distributed Computing Systems, pp. 56-65, IEEE Computer Society Press, Los Alamitos, CA, 1994. M. Steiner, G. Tsudik and M. Waidner, \Key agreement in dynamic peer groups," IEEE Transactions on Parallel and Distributed Systems, vol. 11, no. 8, pp. 769-780, Aug. 2000. D. Wallner, E. Harder, and R. Agee, Key Management for Multicast: Issues and Architecture, Internet-Draft draftwallner-keyarch-00.txt, June 1997. C. Wong, M. Gouda, and S. Lam, \Secure group communications using key graphs," IEEE/ACM Transactions on Networking, vol. 8, no. 1, pp. 16-30, Feb. 2000.

169

Computer Engineering and Intelligent Systems ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 2, No.3

www.iiste.org

170