Iolus: a framework for scalable secure multicasting

Author:
Suvo Mittra

Computer Science Department, Stanford University

Computer Science Department, Stanford University
View Profile

SIGCOMM '97: Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communicationOctober 1997Pages 277–288https://doi.org/10.1145/263105.263179

Published:01 October 1997Publication History

SIGCOMM '97: Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication

Pages 277–288

ABSTRACT

As multicast applications are deployed for mainstream use, the need to secure multicast communications will become critical. Multicast, however, does not fit the point-to-point model of most network security protocols which were designed with unicast communications in mind. As we will show, securing multicast (or group) communications is fundamentally different from securing unicast (or paired) communications. In turn, these differences can result in scalability problems for many typical applications.In this paper, we examine and model the differences between unicast and multicast security and then propose Iolus: a novel framework for scalable secure multicasting. Protocols based on Iolus can be used to achieve a variety of security objectives and may be used either to directly secure multicast communications or to provide a separate group key management service to other "security-aware" applications. We describe the architecture and operation of Iolus in detail and also describe our experience with a protocol based on the Iolus framework.

References

1.T. Ballardie, P. Francis, and J. Crowcrof~. Core Based Trees: An Architecture for Scalable Inter-Domain Multicast Routing. In Proceedings of the A GM SIGGOMM '93, San FYancisco, September 1993.]] Google ScholarDigital Library
2.T. Ballardie and J. Crowcroft. Multicast-specific security threats and counter-measures. In Proceedings of the Symposium on Network and Distributed System Security, San Diego, California, February 1995.]] Google ScholarDigital Library
3.T. Ballardie. Scalable Multicast Key Distribution. HFC 1949, May 1996.]] Google ScholarDigital Library
4.S. Berkovits. How to Broadcast a Secret. In Advances in Cryptology; Proceedings of CRYPTO '91, Lecture Notes in Computer Science 576, Springer-Verlag, Berlin, 1991.]]Google Scholar
5.M. Burmester and Y. Desmedt. A Secure and Efficient Conference Key Distribution System. In Advances in Cryptology: Proceedings of Ct~YPTO '94, Lecture Notes in Computer Science 839, Springer-Verlag, Berlin, 1994.]]Google Scholar
6.G.H. Chiou and W.T. Chen. Secure Broadcasting Using the Secure Lock. IEEE Transactions on Software Engineering, 15(8)'929-934, August 1989.]] Google ScholarDigital Library
7.S.E. Deering. Multicast Routing in Internetworks and Extended LANs. In Proceedings of the A CM SIGCOMM '85, Stanford, California, August 1988.]] Google ScholarDigital Library
8.S.E. Deering. Host Extensions .for IP Multicasting. RFC 1112, August 1989.]] Google ScholarDigital Library
9.S.E. Deering. Multicast Routing in a Datagram {nternetworks, Ph.D. Thesis, Stanford University, December 1991.]] Google ScholarDigital Library
10.S.E. Deering, D. Estrin, D. Farinacci, V. Jacobsen, L. Ching- Gung, and L. Wei, An Architecture for Wide-Area Multicasting. In Proceedings o.f the A CM SIGCOMM '94, London, September 1994.]] Google ScholarDigital Library
11.W. Diffie and M.E. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, 22(6):644- 654, November 1976.]]Google ScholarDigital Library
12.S. Floyd, V. Jacobson, C. Liu, S. McCanne, and L. Zhang. A Reliable Multicast Framework for Light-Weight Sessions and Application Level Framing. in Proceedings of the A CM $IGCOMM '95, Boston, August 1995.]] Google ScholarDigital Library
13.L. Gong and N. Shacham. Multicast Security and its extension to a mobile environment. A CM-Baltzer Journal of Wireless Networks, 1(3):281-295, October 1995.]] Google ScholarDigital Library
14.N. Hailer and R. Atkinson. On Internet Authentication. RFC 1704, October 1994.]] Google ScholarDigital Library
15.H. Harney, C. Muckenhirn, and T. Rivers. Group Key Management Protocol (GIfMP) Architecture. Internet Draft, September 1994.]] Google ScholarDigital Library
16.H. Harney, C. Muckenhirn, and T. Rivers. Group Key Management Protocol (GKMP) Specification. Internet Draft, September 1994.]] Google ScholarDigital Library
17.H.W. Holbrook, S.K. Singhal, and D.R. Cheriton. Log-Based Receiver-Reliable Multicast for Distributed Interactive Simulation. In Proceedings of the A CM SIGGOMAf '95, Cambridge, Massachusetts, August 1995.]] Google ScholarDigital Library
18.i. Ingemarsson, D. Tang, and C. Wong. A Conference Key Distribution System. IEEE Transactions on Information Theory, 28(5):714-720, September 1982.]]Google ScholarCross Ref
19.J.B. Lacy, D.P. Mitchell, and W.M. Schell. CryptoLib: Cryptography in Software. In Proceedings of the USENIX UNIX Security Symposium IV, Santa Clara, California, October 1993.]]Google Scholar
20.S. McCanne and V. Jacobsen. vic: A Flexible Framework for Packet Video. In Proceedings of the A CM Multimedia '95, San Francisco, November 1995.]] Google ScholarDigital Library
21.National Bureau of Standards, U.S. Department of Commerce. Data Encryption Standard. FIPS Pub 46, Washington, D.C., January 1977.]]Google Scholar
22.C. Partridge, T. Mendez, and W. Milliken. Host Anycasting Service. RFC 1546, November 1993.]] Google ScholarDigital Library
23.R.L. Rivest. The MD5 Message-Digest Algorithm. RFC 1321, April 1992.]] Google ScholarDigital Library
24.M. Steiner, G. Tsudik, and M. Waidner. Diffie-Hellman Key Distribution Extended to Group Communication. In Proceedings of the 3rd A CM Conference on Computer and Communications Security, New Delhi, March 1996.]] Google ScholarDigital Library
25.L.C.N. Tseung. Guaranteed, Reliable, Secure Broadcast Networks. IEEE Network Magazine, 6(3), November 1989.]]Google Scholar

Index Terms

Iolus: a framework for scalable secure multicasting

Recommendations

Iolus: a framework for scalable secure multicasting

As multicast applications are deployed for mainstream use, the need to secure multicast communications will become critical. Multicast, however, does not fit the point-to-point model of most network security protocols which were designed with unicast ...
Read More
Evaluating TCP-friendliness in light of Concurrent Multipath Transfer

In prior work, a CMT protocol using SCTP multihoming (termed SCTP-based CMT) was proposed and investigated for improving application throughput. SCTP-based CMT was studied in (bottleneck-independent) wired networking scenarios with ns-2 simulations. ...
Read More
TCP CERL: congestion control enhancement over wireless networks

In this paper, we propose and verify a modified version of TCP Reno that we call TCP Congestion Control Enhancement for Random Loss (CERL). We compare the performance of TCP CERL, using simulations conducted in ns-2, to the following other TCP variants: ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SIGCOMM '97: Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
October 1997
311 pages
ISBN:089791905X
DOI:10.1145/263105
Chairmen:
Christophe Diot
INRIA Sophia Antipolis, France
,
Christian Huitema
Bellcore
,
Scott Shenker
Xerox Corp.
,
Editor:
Martha Steenstrup
BBN Corp., Cambridge, MA
ACM SIGCOMM Computer Communication Review Volume 27, Issue 4
Oct. 1997
291 pages
ISSN:0146-4833
DOI:10.1145/263109
Chairmen:
Christophe Diot
INRIA Sophia Antipolis, France
,
Christian Huitema
Bellcore
,
Scott Shenker
Xerox Corp.,
,
Editor:
Martha Steenstrup
BBN Corp., Cambridge, MA
Issue’s Table of Contents
Copyright © 1997 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 October 1997
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- Article
Conference

Acceptance Rates
SIGCOMM '97 Paper Acceptance Rate24of213submissions,11%Overall Acceptance Rate554of3,547submissions,16%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 441
  Total Citations
  View Citations
- 1,482
  Total Downloads
- Downloads (Last 12 months)120
- Downloads (Last 6 weeks)20
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Iolus: a framework for scalable secure multicasting

SIGCOMM '97: Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication

ABSTRACT

References

Cited By

Index Terms

Recommendations

Iolus: a framework for scalable secure multicasting

Evaluating TCP-friendliness in light of Concurrent Multipath Transfer

TCP CERL: congestion control enhancement over wireless networks