Related Research Efforts

• The Rampart system (Cornell University) was the first to demonstrate the feasibility of reliable and atomic group multicast in asynchronous distributed systems in the presence of Byzantine failures.
• The Immune (UCSB) system secure the low-level ring protocol of the Totem system against Byzantine failures.
• Ensemble security (Cornell University)  allows application-dependent trust models, optimizes certain aspects of group key generation and distribution protocols. The group key exchange protocols used in Ensemble are extensions of symmetric cryptographic tools such as PGP or Kerberos. Moreover, Ensemble relies on a trusted group leader to perform and initiate key generation.
• Secure Spread (Johns Hopkins University) approach is differente from the Ensemble approach since Secure Spread uses a fully distributed group key generation protocol; namely Cliques.

IRTF/IETF Research Groups

• IETF Multicast SECurity Working Group (MSEC)
• IRTF Secure Multicast Research Group (SMuG)
  Drafts
  • Group Secure Association Key Management Protocol, Hugh Harney, Eric Harder
    The Group Secure Association Key Management Protocol (GSAKMP) provides a security framework for creating cryptographic groups on a network. It provides mechanisms to disseminate group security policy, perform access control based upon PKI certificates, generate group keys, and recover from compromise. This framework addresses group scalability issues by facillitating delegation of process-intensive actions in a secure and controlled manner.
  • A Framework for Group Key Management for Multicast Security, T. Hardjono, B. Cain and N. Doraswamy
    This document provides a framework for group key management for multicast security, motivated by three main considerations, namely the multicast application, scalability and trust-relationships among entities. It introduces two planes corresponding to the network entities and functions important to multicasting and to security. The key management plane consists of two hierarchy-levels in the form of a single 'trunk region' (inter-region) and one or more 'leaf regions' (intra-region). The advantages of the framework among others are that it is scalable, it has reduced complexity and allows the independence in regions of group key management.