|
Abstract : |
Abstract--With the rapidly growing importance of multicast in the Internet there have been recent proposal, such as RFC 2627, for scalable key distribution such that when the r, th user joins or leaves a group, broadcasting O(log r) encrypted messages is sufficient to redistribute keys. In this paper, we show that this bound is also necessary for a general class of key distribution schemes and under different assumptions on user capabilities. While key distribution schemes can trade addition cost for deletion cost, for any scheme there is a sequence of 2. insertion and deletions whose total cost is 2(.n. lognJ). Thus, any key distribution scheme has a worst-case cost of2(log.n.) either for adding or for deleting a user. Key'words--Multicast, security, protocol analysis., |
