Secure Multicast Using Proxy Encryption


In a secure multicast communication environment, only valid members belong to the multicast group could decrypt the data. In many previous researches, there is one “group key” shared by all group members. However, this incurs the so-called “1 affects n problem,” that is, an action of one member affects the whole group. We believe this is the source of scalability problems. Moreover, from the administrative perspective, it is desired to confine the impacts of changing membership events in a local area. In this paper, we propose a new secure multicast architecture without using a group key. We exploit a cryptographic primitive “proxy encryption.” It allows routers to convert a ciphertext encrypted under a key to a ciphertext encrypted under another key, without revealing the secret key and the plaintext. By giving proper keys to intermediate routers, routers could provide separation between subgroups. Therefore the goals of scalability and containment are achieved.


Yun-Peng Chiu, Chin-Laung Lei, and Chun-Ying Huang, "Secure Multicast Using Proxy Encryption," ICICS, December 2005.