Contribución a la seguridad en servicios multimedia. Aplicación a entornos multicast

Author

Pegueroles, Josep R. (Josep Rafael)

Director

Rico Novella, Francisco José

Date of defense

2003-11-21

ISBN

8468847429

Legal Deposit

B-3478-2004



Department/Institute

Universitat Politècnica de Catalunya. Departament d'Enginyeria Telemàtica

Abstract

Usually multimedia services can be divided into two different phases: access to the service and content distribution. The first phase usually takes place over reliable transport protocols and unicast connections. The second one is often performed over unreliable transport protocols and multicast communications. <br/><br/>Adding security to the first phase only needs a straight application of well known unicast security techniques. On the contrary, adding security to IP multicast requires the study of a new problem because traditional unicast solutions do not fit the new environment.<br/><br/>This Doctoral Thesis deals with the arising problems when security is added to multicast environments and proposes different practical solutions.<br/><br/>Among all the attacks to the distribution phase, eavesdropping is probably the most significant. Ciphering is the security service against eavesdropping. Multicast encryption introduces the Key Management problem in multicast.<br/><br/>If Perfect Forward and Backward secrecy is required the session key must be updated every time a member joins or leaves the multicast group. In huge and highly dynamic groups the unicast distribution of the session key is completely unfeasible <br/><br/>The contributions of this Thesis consist in different logical key tree based updating algorithms for multicast. Our proposals take advantage of pseudo-random functions and modular reduction in order to reduce required bandwidth for updating and total amount of bytes stored in the Key Server. <br/><br/>In many scenarios it is not worth to update the key every time a change in the membership occurs. Services as Web-TV permit a decrease in security in order to reduce bandwidth requirements for key management. In such case batch rekeying algorithms are used. This kind of algorithm process periodically all joining and leaving requests produced since the last rekeying process at once. Batch rekeying algorithms are efficient if and only if the logical tree is maintained balanced. This Thesis also proposes a batch-rekeying algorithm that leads to completely balanced trees for the whole group lifetime.<br/>Batch processing techniques are also combined with the former contributions in order to increase efficiency.<br/><br/>The proposals of this Thesis are not supported by the IETF standard on Key Management for multicast secure communications (GDOI). This is mainly because this standard does not allow members to change their position in the tree while they are members of the group. Finally, an adaptation of GDOI allowing the performance of our contributions is proposed.

Keywords

gestió de claus en multicast; seguretat en xarxes de computadors

Subjects

621.3 Electrical engineering

Knowledge Area

3325. Tecnologia de les comunicacions

Documents

THESI.pdf

3.002Mb

 

Rights

ADVERTIMENT. L'accés als continguts d'aquesta tesi doctoral i la seva utilització ha de respectar els drets de la persona autora. Pot ser utilitzada per a consulta o estudi personal, així com en activitats o materials d'investigació i docència en els termes establerts a l'art. 32 del Text Refós de la Llei de Propietat Intel·lectual (RDL 1/1996). Per altres utilitzacions es requereix l'autorització prèvia i expressa de la persona autora. En qualsevol cas, en la utilització dels seus continguts caldrà indicar de forma clara el nom i cognoms de la persona autora i el títol de la tesi doctoral. No s'autoritza la seva reproducció o altres formes d'explotació efectuades amb finalitats de lucre ni la seva comunicació pública des d'un lloc aliè al servei TDX. Tampoc s'autoritza la presentació del seu contingut en una finestra o marc aliè a TDX (framing). Aquesta reserva de drets afecta tant als continguts de la tesi com als seus resums i índexs.

This item appears in the following Collection(s)