Multicast security and its extension to a mobile environment

Wireless Networks

Abstract

Multicast is rapidly becoming an important mode of communication and a good platform for building group-oriented services. To be used for trusted communication, however, current multicast schemes must be supplemented by mechanisms for protecting traffic, controlling participation, and restricting access of unauthorized users to data exchanged by the participants. In this paper, we consider fundamental security issues in building a trusted multicast facility. We discuss techniques for group-based data encryption, authentication of participants, and preventing unauthorized transmissions and receptions. We also describe the application of these principles and techniques in designing an architecture for secure multicast in a mobile environment.

Cite this article

Gong, L., Shacham, N. Multicast security and its extension to a mobile environment. Wireless Netw 1, 281–295 (1995). https://doi.org/10.1007/BF01200847

  • DOI: https://doi.org/10.1007/BF01200847