Sandro Rafaeli

A survey of key management for secure group communication

Group communication can benefit from IP multicast to achieve scalable exchange of messages. However, there is a challenge of effectively controlling access to the transmitted data. IP multicast by itself does not provide any mechanisms for preventing nongroup members to have access to the group communication. Although encryption can be used to protect messages exchanged among group members, distributing the cryptographic keys becomes an issue. Researchers have proposed several different approaches to group key management. These approaches can be divided into three main classes: centralized group key management protocols, decentralized architectures and distributed key management protocols. The three classes are described here and an insight given to their features and goals. The area of group key management is then surveyed and proposed solutions are classified according to those characteristics.

Hydra: a decentralised group key management

Hydra is a scaleable decentralised architecture to create and distribute symmetric cryptographic keys to large multicast-based groups. The group is divided into a number of TTL-scoped regions in order to achieve flexible and efficient key management, particularly in face of group membership changes. Hydra does not employ a manager for subgroup managers, and hence, it is not vulnerable to failures of single entities.

EHBT: An Efficient Protocol for Group Key Management

Several protocols have been proposed to deal with the group key management problem. The most promising are those based on hierarchical binary trees. A hierarchical binary tree of keys reduces the size of the rekey messages, reducing also the storage and processing requirements. In this paper, we describe a new efficient hierarchical binary tree (EHBT) protocol. Using EHBT, a group manager can use keys already in the tree to derive newk eys. Using previously known keys saves information to be transmitted to members when a membership change occurs and newk eys have to be created or updated. EHBT can achieve (I ? log2 n) message size (I is the size of a key index) for join operations and (K?log2 n) message size (K is the size of a key) for leave operations. We also showt hat the EHBT protocol does not increase the storage and processing requirements when compared to other HBT schemes.

Analysis of an anonymity network for web browsing

Various systems offering anonymity for near real-time Internet traffic have been operational. However, they did not deliver many quantitative results about performance, bandwidth overhead, or other issues that arise when implementing or operating such a system. Consequently, the problem of designing and operating these systems in a way that they provide a good balance between usability, protection from attacks, and overhead is not well understood. In this paper, we present the analysis of an anonymity network for web browsing that offers a high level of anonymity against a sophisticated attacker and good end-to-end performance at a reasonable bandwidth overhead. We describe a novel way of operating the system that maximizes the protection from traffic analysis attacks while minimizing the bandwidth overhead. We deliver quantitative results about the performance of our system, which should help to give a better understanding of anonymity networks.

An architecture for an anonymity network

It is difficult to design a system that provides anonymity for delay-sensitive services such as Web browsing. Existing systems are either not resistant against sophisticated attacks or they achieve their level of anonymity at the cost of a high bandwidth overhead. In addition, these systems do not meet all of our requirements. In this paper, we present the architecture of our prototype implementation of an anonymity network. Our system is trustworthy, fair, stable, modular, and bases on the well studied and accepted secure sockets layer protocol. With this system, we want to derive quantitative results about the tradeoff between anonymity and performance penalty. We will then extend our anonymity network such that it provides high resistance against various attacks while minimizing its bandwidth overhead.

A Multimedia Session Manager Service for the Collaborative Browsing System

Browsing the Web is usually a lonely task. People visit sites, collect information and are not aware of other people looking at the same material, people with whom they could exchange experiences and ideas about the subject they are looking at. A Collaborative Browsing System (CoBrow) has been developed to bring awareness to the World Wide Web. CoBrow users can see other people looking at the same Web pages they are browsing. The Multimedia Session Manager (MSM) is one of the components that currently form CoBrow. It is responsible for initiating and managing multimedia sessions required by CoBrow users. This paper aims to describe the work performed by MSM in managing those users and their sessions.