在MBone網路上具擴充性的安全群組通訊協定

Abstract

目前許多學者、研究人員都致力於設計適用於群組通訊環境的安全通訊協定或群組金鑰的管理架構，以期能建立安全、隱密、有效率的群組通訊環境。但是，目前所設計的群組通訊協定或金鑰管理架構並沒有考慮到實際的網路架構，且其擴充性與運作效率均不高，因此，這些安全機制並不適用於多址傳輸骨幹網路 (MBone) 上。在這篇論文中，我們提出一套分散式的金鑰管理、發送機制，並設計一套安全多址傳輸協定，使其不但符合多址傳輸網路骨幹的底層架構，且更具高擴充性及高效率。在本論文所提出的安全多址協定中，我們利用多址傳輸網路骨幹上具有多個區域網路組合元件的特性，將整個通訊群組區分成數個較小的區域群組，並將每個區域網路當成一個通訊的基本單位。利用這種網路的組成特性，將群組金鑰的發送、更新等程序限制在區域群組內。當某區域網路的使用者加入或離開通訊群組時，只有該區域群組的使用者須更新區域群組的金鑰，其他區域群組的使用者完全不須做任何的動作。這種特性將使我們設計的安全群組通訊協定變得更有效率，且具有良好的擴充性。我們同時考量不同型態的群組通訊環境有其不同的運作方式，將這個安全通訊協定區分成兩種運作模式，使其在各種環境下都具有最佳的運作效率。

Despite many protocols designed for secure group communication have been proposed, they are impractical to use on Muticast Backbone (MBone). This is mainly for two reasons. First, the physical network architecture is not considered in their protocols. Second, these protocols are not scalable and efficient enough to use in MBone. In this thesis, we propose a secure and efficient multicast protocol where the key management and distribution mechanism is distributed. The proposed protocol takes advantage of the physical architecture of MBone while keeping the protocol scalable and efficient at the same time. By retaining the feature that multiple sub-networks construct MBone, hosts of a sub-network form a subgroup. All key distribution and key renewal procedures are restricted within a subgroup. When users of a subgroup join or leave a group, only members of that subgroup need to renew their subgroup key. Keys of other subgroups remain unchanged. To reach better performance, our protocol is divided into two modes which can easily adapt to different group communication environments.