
International Journal of Computer Information Systems,

Vol. 3, No. 3, 2011




Rekeying Issues in Secure Multicast Group Communication
R. Varalakshmi and Dr. V. Rhymend Uthariaraj
rvaralakshmi697@gmail.com, rhymend@annauniv.edu
Anna University, Chennai, India

Abstract:-
Secure group communication is an increasingly popular research area that has received much attention in recent years. Multicasting has been at the center of Internet activities and has already contributed to some major successes. As multicast communication moves closer to widespread deployment, security issues have become a central concern and are increasingly important. For secure multicast services, various tree-based group key management schemes have been introduced. Traditional tree-based approaches mainly focus on reducing the rekeying cost in terms of storage, transmission and computation. On the other hand, they usually require keeping the tree in a balanced state in order to achieve logarithmic rekeying cost. In this paper, we propose a new multicast key management scheme that extends Chebyshev polynomials from the real field to a finite field, and suggest a trap-door one-way function. Based on the proposed function, a secure and practical encryption scheme is given. Our protocol applies a star-based architecture to reduce rekeying and provides good performance whenever there is a change in the multicast group. Moreover, our cryptosystem is more secure than RSA and ElGamal system.

Key words:
Secure group communication, Multicast, Chebyshev
polynomial

1. Introduction
Many applications, such as pay-per-view and distribution of digital media, require secure multicast services in order to restrict group membership and enforce accountability of group members. A major issue associated with the deployment of secure multicast delivery services is the scalability of the key distribution scheme. This is particularly true with regard to the handling of group membership changes, such as membership departures and/or expulsions, which necessitate the distribution of a new session key to all the remaining group members. As the frequency of group membership change increases, it becomes necessary to reduce the cost of key distribution operations. A common method for secure multicast communications is to use a symmetric key called the traffic encryption key (TEK), which is shared by all legitimate group members and used to encrypt the transmitted content. In order to prevent newly joined members from reading previous content and departed members from reading further content, the TEK must be refreshed after the membership changes. An easy way is to let the key server share a unique key encryption key (KEK) with every member. When the membership changes, the key server uses the individual KEK of every member to encrypt the new TEK. This is an inefficient method because the cost of TEK updates grows linearly with the group size. Therefore, the key changing process becomes a critical problem in multicast key management.
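The per-member KEK rekeying described above, as an added Python example that is not code from the paper. `KeyServer`, `wrap` and `unwrap` are hypothetical names, and `wrap` is a toy HMAC-based construction built for this illustration, not a standard key-wrap algorithm.

```python
import hashlib
import hmac
import secrets

def wrap(kek, tek):
    """Toy key wrap (constructed for this example, not a standard):
    XOR the 32-byte TEK with HMAC-SHA256(kek, nonce), then append a MAC."""
    nonce = secrets.token_bytes(16)
    pad = hmac.new(kek, b"pad" + nonce, hashlib.sha256).digest()
    body = bytes(a ^ b for a, b in zip(tek, pad))
    tag = hmac.new(kek, b"tag" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unwrap(kek, blob):
    nonce, body, tag = blob[:16], blob[16:48], blob[48:]
    good = hmac.new(kek, b"tag" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None                       # wrong KEK or modified message
    pad = hmac.new(kek, b"pad" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(body, pad))

class KeyServer:
    def __init__(self):
        self.keks = {}                    # member id -> individual KEK
        self.tek = None

    def _rekey(self):
        """Fresh TEK, wrapped once per current member: n messages for n members."""
        self.tek = secrets.token_bytes(32)
        return {m: wrap(k, self.tek) for m, k in self.keks.items()}

    def join(self, member):
        # The new KEK is assumed to reach the member over a secure registration channel.
        self.keks[member] = secrets.token_bytes(32)
        return self.keks[member], self._rekey()   # new TEK: joiner cannot read old traffic

    def leave(self, member):
        del self.keks[member]
        return self._rekey()                      # new TEK: leaver cannot read new traffic
```

The rekey message count equals the current group size on every join and leave, which is the linear cost the paragraph refers to.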
2. Related Work
In order to reduce the rekeying overhead, the key tree architecture has been widely used in multicast communications. First, a logical key hierarchy (LKH) tree approach [16,17] was proposed to reduce the computational and transmission cost of the rekeying process from O(n) to O(log n), where n is the number of group members. Several improvements were then proposed. Lie et al. [18] proposed a periodic batch rekeying algorithm to solve synchronization and inefficiency problems. Sherman and McGrew [5] proposed a one-way function tree (OFT) to reduce the size of the rekeying message from $2(\log_d n)$ to only $(\log_d n)$. However, the communication cost will be greater than $(\log_d n)$ as soon as the key tree is out of balance.
Recently, approaches for keeping the tree architecture balanced have been proposed. Goshi and Ladner [18,19] solved the unbalance problem based on 2-3 trees and have the best performance with degree-3 key trees. Lu [20] proposed the non-split balancing high-order (NSBHO) tree, which does not need to perform node splitting after a member joins, yet has better average rekeying performance than a B-tree.
In this paper we propose a scalable key management scheme for secure multicast communication in a dynamic group. Scalable key management here means that we do not require any extra overhead to perform the rekeying processes and maintain the tree in balance when a member joins or leaves the group. Here we especially care about the computational cost and transmitted size in the rekeying process because they are the major bottlenecks in current
applications. Our protocol is based on a star-based architecture, which has no unbalanced condition for membership changes.
3. Preliminaries
It is obvious that the development of a practical public-key scheme depends on the discovery of a suitable trap-door one-way function [1-5]. A trap-door one-way function is easy to calculate in one direction and infeasible to calculate in the other direction unless certain additional information is known. We can summarize this as follows [15]: a trap-door one-way function is a family of invertible functions $f_k$ such that

$Y = f_k(X)$ is easy, if $k$ and $X$ are known
$X = f_k^{-1}(Y)$ is easy, if $k$ and $Y$ are known
$X = f_k^{-1}(Y)$ is infeasible, if $Y$ is known but $k$ is not known

Such a function is difficult to find, as evidenced by the fact that only a few such schemes have received widespread acceptance in the decades since the concept of public-key cryptography was proposed.
3.1 A star-based architecture
In this paper, a star-based architecture achieves a scalable broadcast group efficiently. The architecture is illustrated in Fig. 1, in which the central node represents the TEK, which is used to encrypt data in group communications and is known only to the key server.

Fig. 1 Star Architecture (central node TEK; peripheral nodes U1, U2, U3, U4, U5, ..., Un).

Each peripheral node represents a secret key which is used to decrypt data and is held only by an individual member.

We propose one trap-door one-way function based on extended Chebyshev polynomials and analyze its performance. Its application to encryption is given at the end. Section 4 shows the basic properties of the extended Chebyshev polynomials over finite fields, which can be used as a trap-door one-way function. In section 5, we give an encryption scheme based on Section 4. Section 4.5 provides an entity authentication scheme based on the function in Section 4.1.

4. A trap-door one-way function based on extended Chebyshev map over finite fields
4.1 Extended Chebyshev map over finite fields

Since Chebyshev polynomials have the semi-group property [6] [7] [8] on the real field R, they also have the semi-group property over the integers Z. We can therefore further extend the domain and range of Chebyshev polynomials to the finite field $Z_P$, where $P$ is a prime number. Over the finite field $Z_P$ we can define the Chebyshev polynomials as follows.

Let $n \in Z$ and the variable $x \in Z_P$. The polynomial $T_n(x): Z_P \to Z_P$ is recursively defined as

$$T_n(x) \equiv (2x\,T_{n-1}(x) - T_{n-2}(x)) \pmod{P}, \quad n \ge 2 \qquad (1)$$

where $T_0(x) \equiv 1 \pmod{P}$ and $T_1(x) \equiv x \pmod{P}$.

Thus, we get the Chebyshev polynomials on the finite field $Z_P$ as follows:

$$\begin{aligned}
T_0(x) &\equiv 1 \pmod{P} \\
T_1(x) &\equiv x \pmod{P} \\
T_2(x) &\equiv (2x^2 - 1) \pmod{P} \\
T_3(x) &\equiv (4x^3 - 3x) \pmod{P} \\
T_4(x) &\equiv (8x^4 - 8x^2 + 1) \pmod{P}
\end{aligned} \qquad (2)$$

$T_n(x)$ is an algebraic polynomial, so we have the following equation:

$$T_n(x) \pmod{P} = T_n(x \pmod{P}) \pmod{P} \qquad (3)$$

According to [7], the semi-group property of extended Chebyshev polynomials over finite fields is:
$$\begin{aligned}
T_r(T_s(x \pmod{P})) \pmod{P} &= T_{rs}(x) \pmod{P} \\
&= T_s(T_r(x \pmod{P})) \pmod{P} \\
T_r(T_s(x)) \pmod{P} &= T_{rs}(x) \pmod{P} \\
&= T_s(T_r(x)) \pmod{P}, \quad r, s \in Z
\end{aligned} \qquad (4)$$

4.2 A new trap-door one-way function based on extended Chebyshev polynomials over finite fields
We know that any Chebyshev polynomial $T_n(x)$ can be written as:

$$T_n(x) \equiv (a_n x^n + a_{n-1} x^{n-1} + \cdots + a_1 x + a_0) \pmod{P} \qquad (5)$$

In equation (5), computing $T_n(x)$ given $n$ and $x$ is very easy, but computing $n$ given $T_n(x)$ and $x$ is very difficult, and almost infeasible computationally. The difficulty can be compared with the intractability of the discrete logarithm problem. When the value of $n$ in equation (5) is equal to the value of the discrete logarithm, solving for $n$ in equation (5) is more difficult and complex than solving the discrete logarithm, because of the other lower-power terms in equation (5), such as $x^{n-1}$, $x^{n-2}$, and so on. So equation (5) has a good one-way property in computation. Equally, Chebyshev polynomials on finite fields have a good one-way property.

In equation (5), $n$ is the trapdoor. If we know $n$ and $x$, it is easy and fast to compute $T_n(x)$ using the following fast algorithm. According to the semi-group property of equation (4), with $n = s_1^{k_1} s_2^{k_2} \cdots s_m^{k_m}$, $T_n(x)$ can be computed as:

$$T_n(x) \pmod{P} = T_{s_1}^{k_1}(T_{s_2}^{k_2}(\cdots T_{s_m}^{k_m}(x))) \pmod{P}.$$

The number of iterations is $k_1 + k_2 + \cdots + k_m$.

If $n$ is not known, the only possible way is to compute $T_k(x)$ for all $k = 2, \ldots, n$ and check whether $T_k(x) = T_n(x)$ one by one. However, if $n$ is a large enough number, it is impossible to do so.

Due to the one-way trapdoor property of Chebyshev polynomials over finite fields, they can be used to construct a public key encryption algorithm and an entity authentication scheme. Because we extend the Chebyshev polynomials from $x \in [-1, 1]$ to $x \in Z_P$, the attack of [7] is invalid against our cryptosystem. Moreover, it is clear that our cryptosystem is more secure than RSA and ElGamal system. Here we assume that $Z_P$ is a finite field and $Z_n$ is an integer ring. All of the following computation is over $Z_P$ and $Z_n$.

4.3. Public key encryption algorithm based on the new trap-door one-way function
Given the one-way trapdoor and semi-group properties of Chebyshev polynomials on finite fields, we can use them to construct a public key encryption algorithm, which includes three processes: key generation, encryption and decryption.
4.3.1 The process of key pair generation
According to the Chebyshev polynomials on finite fields, the process of key pair generation is:
(1) Randomly select a large integer $SK \in Z_n^*$ and an integer $x \in Z_P^*$, and compute $PK = T_{SK}(x) \pmod{P}$.

(2) Let $SK$ be the private key and $\{x, PK\}$ the public key.

4.3.2 The process of message encryption
We assume Key server wants to send message $M \in Z_P^*$ to User, and uses User's public key to encrypt the message. The process is:
(1) Key server randomly selects a large integer $R \in Z_n^*$, and uses User's public key $\{x, PK\}$ to compute $K1 = T_R(x) \pmod{P}$ and $K2 = T_R(PK) \pmod{P}$.
(2) Key server computes the cipher text $C = M \cdot K2 \pmod{P}$.
(3) Key server sends the encrypted message $\{C, K1\}$ to User.

4.3.3 The process of message decryption
After receiving the encrypted message, User decrypts the message with his private key. The process is:
(1) User computes $K2 = T_{SK}(K1) \pmod{P}$.
(2) User decrypts the message as $M = C \cdot (K2)^{-1} \pmod{P}$.


From equation (4), we know that:

$$\begin{aligned}
T_{SK}(K1) \pmod{P} &= T_{SK}(T_R(x)) \pmod{P} \\
&= T_R(T_{SK}(x)) \pmod{P} \\
&= T_R(PK) \pmod{P} = K2
\end{aligned}$$

So the message M can be decrypted correctly.

4.4 Entity authentication scheme based on the new trap-door one-way function
Entity authentication is defined as follows:

Definition 4.4.1[14]: Entity authentication is the process
whereby one party is assured (through acquisition of
corroborative evidence) of the identity of a second party
involved in a protocol, and that the second has actually
participated (i. e., is active at, or immediately prior to, the
time evidence is acquired).

We propose a scheme based on extended Chebyshev polynomials, by means of which a user can efficiently authenticate himself to a server in order to log in. Apart from minor implementation details, the scheme works as follows:

Within $Z_p^*$, let $m \in Z_n^*$, and denote by $T_s^i(\cdot) \pmod{p}$ the map $T_s(\cdot) \pmod{p}$ iterated $i$ times, i.e.,

$$T_s^i(\cdot) \pmod{p} = T_s(T_s(\cdots(T_s(\cdot)))) \pmod{p} = T_{s^i}(\cdot) \pmod{p}.$$

Setup Phase: Server Side

1. The server generates a random integer r.
2. Computes and sends $T_r(m) \pmod{p}$ to the user.

Setup Phase: User Side

1. The user chooses a random integer s.

i-th Authentication Phase
1. The user computes $T_s^i(m) \pmod{p}$ and auth = $T_s^i(T_r(m)) \pmod{p}$, and sends both values to the server.
2. The server computes auth' = $T_r(T_s^i(m)) \pmod{p}$ and checks whether auth = auth'. Then, if the check is satisfied, the access is granted.

It is easy to see that, due to the same theory background,
the performances of the scheme are similar to that of
encryption scheme above.
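The key generation, encryption and decryption steps of Section 4.3 and one authentication round of Section 4.4, as an added Python example that is not the authors' code. It assumes a constructed demo prime P = 2^61 - 1, samples SK, R and x from [2, P-1], and evaluates T_n with a binary doubling ladder in place of the paper's factor-and-compose algorithm; all function names are hypothetical.

```python
import secrets

P = 2**61 - 1  # constructed demo prime (assumption); far too small for real use

def cheb(n, x, p=P):
    """T_n(x) mod p in O(log n) steps. Binary ladder over (T_k, T_k+1) using
    T_2k = 2*T_k^2 - 1 and T_2k+1 = 2*T_k*T_k+1 - x; swapped in for the
    paper's factor-n-and-compose algorithm, not the authors' method."""
    a, b = 1, x % p                                   # (T_0, T_1)
    for bit in bin(n)[2:]:
        if bit == "1":
            a, b = (2 * a * b - x) % p, (2 * b * b - 1) % p
        else:
            a, b = (2 * a * a - 1) % p, (2 * a * b - x) % p
    return a

def cheb_recursive(n, x, p=P):
    """Reference: recursion (1) applied step by step (O(n), small n only)."""
    t0, t1 = 1, x % p
    for _ in range(n):
        t0, t1 = t1, (2 * x * t1 - t0) % p
    return t0

def keygen(p=P):
    sk = secrets.randbelow(p - 2) + 2                 # private key SK
    x = secrets.randbelow(p - 2) + 2                  # public base x in Z_P*
    return sk, (x, cheb(sk, x, p))                    # public key {x, PK}

def encrypt(m, pub, p=P):
    x, pk = pub
    while True:
        r = secrets.randbelow(p - 2) + 2              # fresh R for every message
        k1, k2 = cheb(r, x, p), cheb(r, pk, p)
        if k2:                                        # K2 = 0 has no inverse: redraw R
            return (m * k2) % p, k1                   # {C, K1}

def decrypt(c, k1, sk, p=P):
    k2 = cheb(sk, k1, p)                              # T_SK(T_R(x)) = T_R(T_SK(x)) = K2
    return (c * pow(k2, -1, p)) % p

def auth_round(m, r, s, i, p=P):
    """Section 4.4, round i: returns (user's auth, server's auth')."""
    challenge = cheb(r, m, p)                         # setup: server sends T_r(m)
    u = m % p
    for _ in range(i):
        u = cheb(s, u, p)                             # user: T_s iterated i times on m
    auth = challenge
    for _ in range(i):
        auth = cheb(s, auth, p)                       # user: T_s^i(T_r(m))
    return auth, cheb(r, u, p)                        # server: T_r(T_s^i(m))
```

The `if k2` check covers a case the scheme's description leaves open: when T_R(PK) is 0 mod P the ciphertext is 0 for every message and decryption has no inverse to use.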
Figures 2 and 3 illustrate the processing time and transmission size for a secure multicast among different group sizes. The size of the transmitted message is 1 MB, and the selected crypto scheme is the Chebyshev polynomial scheme. The simulated environment is 800 MHz Pentium III PCs with 256 MB memory.

Figure 2 Processing time for secure multicast among different group sizes.

Figure 3 Transmission size for secure multicast among different group sizes.

The simulated results show that the star architecture using
Chebyshev polynomial scheme has the best performance
among the other tree based schemes in terms of processing
time and transmission size. Therefore, we can conclude
that our scheme is more efficient than the other tree based
schemes.
5. Conclusion
In conclusion, in this paper we have proposed a trap-door one-way function based on extended Chebyshev polynomials. We have also given an encryption scheme and an entity authentication algorithm based on extended Chebyshev polynomials over finite fields, which are secure and practical.

From the analyses of this paper, we can conclude that (i) any algebraic polynomials which have the semi-group property of equation (2) and a recursion property like equation (1) over the real field can be used to construct a trap-door one-way function; (ii) the proposed function can be used to construct public key encryption, entity authentication, key agreement and digital signature algorithms. Moreover, it is clear that our cryptosystem is more secure than RSA and ElGamal system. The detailed study of the proposed function as well as its further application in cryptography are topics of our future research.

References
[1] Diffie W., Hellman M.E., New directions in cryptography, Information Theory, IEEE, 1976, 22(6): 644-654.
[2] Rivest R.L., Shamir A., Adleman L., Method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, 1978, 21(2): 120-126.
[3] Rivest R.L., Shamir A., Adleman L., On digital signatures and public key cryptosystems, MIT Laboratory for Computer Science, Technical Report, 1979.
[4] Elgamal T., A public key cryptosystem and a signature scheme based on discrete logarithms, Information Theory, IEEE, 1985, 31(4): 469-472.
[5] Elgamal T., A public key cryptosystem and a signature scheme based on discrete logarithms, CRYPTO 84 on Advances in Cryptology Proceedings, 1984, 10-18.
[6] Kocarev L., Tasev Z., Public-key encryption based on Chebyshev maps, The 2003 IEEE International Symposium on Circuits and Systems Proceedings, 2003, 28-31.
[7] Pina Bergamo, Paolo D'Arco, Alfredo De Santis, et al., Security of public key cryptosystems based on Chebyshev polynomials, http://citebase.eprints.org, 2004.
[8] D Xiao, X Liao, G Tang, Chuandong Li, Using Chebyshev chaotic map to construct infinite length hash chains, Circuits and Systems, 2004. ISCAS '04. Proceedings of the 2004 International Symposium, 25-28 May 2004, Volume: 1, Pages: 11-12.
[9] Xiao Di, Liao Xiaofeng, Wong K.W., An efficient entire chaos-based scheme for deniable authentication, Chaos, Solitons and Fractals, Issue: 4, February 2005, Volume: 23, pp. 1327-1331.
[10] Kocarev L., Chaos-based cryptography: a brief overview, Circuits and Systems Magazine, IEEE, Issue: 3, 2001, Volume: 1, Pages: 6-21.
[11] Kocarev L., Sterjev M., Amato P., RSA encryption algorithm based on torus automorphisms, Circuits and Systems, 2004. ISCAS '04. Proceedings of the 2004 International Symposium on, 23-26 May 2004, Volume: 4, Pages: IV-577-80, Vol. 4.
[12] Kohda Tohru, Fujisaki Hirohi, Jacobian elliptic Chebyshev rational maps, Physica D, Issue: 3-4, January 15, 2001, Volume: 148, pp. 242-254.
[13] William Stallings, Cryptography and Network Security: Principles and Practices, Third Edition, Prentice Hall, 2003.
[14] A. Menezes, P. van Oorschot, S. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997.
[15] Douglas R. Stinson, Cryptography: Theory and Practice, second edition, CRC Press, 2002.
[16] Debby M. Wallner, Eric J. Harder, Ryan C. Agee, Key Management for Multicast: Issues and Architectures, Informational RFC, draft-Wallnerkey-arch-ootxt, July 1997.
[17] Chung Kei Wong, Mohamed Gouda, and Simon S. Lam, Secure Group Communication Using Key Graphs, Proceedings of ACM SIGCOMM, Vancouver, British Columbia, September 1998.
[18] Goshi, J. and Ladner, R.E. (2003) Algorithms for Dynamic Multicast Key Distribution Trees. Procs. Twenty-second Annual Symp. Principles of Distributed Computing (PODC 2003), New York, NY, USA, July, pp. 243-251.
[19] R. Varalakshmi, V. Rhymend Uthariaraj, IEEE-International Conference on Recent Trends in Information Technology, ICRTIT 2011, pp. 85-90.
[20] R. Varalakshmi, V. Rhymend Uthariaraj, International Journal of Computer Technology and Applications, Vol 2 (5), 1568-1572.

September Issue Page 93 of 105 ISSN 2229 5208
