SEMSOMM--A Scalable Multiple Encryption Scheme for One-To-Many Multicast

Many traditional and new Internet multi-party applications require a scalable, secure group communication infrastructure. Some of these applications such as video conferencing involve many-to-many communication while others such as stock exchange systems engage in one-to-many data distribution. In this paper, we present a novel solution for the latter area. Our approach, which we call Semsomm, relies on two main ideas: First, we use intermediate nodes of the multicast distribution tree as untrusted relaying nodes in order to overcome the need to re-key the entire group upon each membership change. Second, the session key is periodically renewed and redistributed to legitimate group members, thus inhibiting any collusion attack. Semsomm scales to very large groups while preserving perfect forward secrecy of the multicasted data information because of its multiple encryption method. Furthermore, we show how our approach can be extended first to few-to-many and then to many-to-many scenarios with the appropriate network based infrastructural enhancements such as active networks.