Common use of Decentralized Group Key Distribution Protocols Clause in Contracts

Decentralized Group Key Distribution Protocols. Decentralized group key distribution protocols can be preferred to contributory group key agreement protocols, since they rely on inexpensive symmetric key encryption technique. How- ever, all group key distribution schemes assume secure channel that is, in practice, implemented by public key cryptosystem (e.g. Xxxxxx-Xxxxxxx). Furthermore, they require the leader to es- tablish multiple secure two-party channels between itself and other group members in order to securely distribute the new key. Maintaining such channels in dynamic groups can be expensive since setting up each channel involves a separate two-party key agreement. When a group is dynamic, amortized number of secure channel becomes O(n2). Another disadvantage is the reliance on a single entity to generate good (i.e., cryptographically strong, random) keys. First decentralized group key distribution scheme is due to Xxxxxxxxx et al. [12]. They propose efficient protocols for small-group key agreement and large-group key distribution. Unfortunately, their scheme for autonomous small group key agreement is not collusion resistant. Xxxxxxx et al. modified OFT (One-way Function Tree) [20] to provide dynamic server elec- tion [14]. This protocol has same key tree structure and uses similar notations (e.g. keys, blinded keys). Other than expensive maintainence of secure channels described above, this protocol has expensive communication cost: Even for single join and leave, this protocol can take O(h) rounds to complete, when h is the height of the key tree. The authors do not consider merge and partition event, and also implementation. One advantage different from others is that their group key does not depend on a single entity. Xxxxx et al. [24] propose a decentralized group key distribution protocol extended from LKH protocol [30]. It tolerates network partitions and other network events. Even though this approach cannot help incurring basic disadvantages discussed above, authors reduce the communication and computational cost. In addition, authors use AVL tree to provide provable and efficient tree height.

Decentralized Group Key Distribution Protocols. Decentralized group key distribution protocols can be preferred to contributory group key agreement protocols, since they rely on inexpensive symmetric key encryption technique. How- ever, all group key distribution schemes assume secure channel that is, in practice, implemented by public key cryptosystem (e.g. Xxxxxx-Xxxxxxx). Furthermore, they require the leader to es- tablish multiple secure two-party channels between itself and other group members in order to securely distribute the new key. Maintaining such channels in dynamic groups can be expensive since setting up each channel involves a separate two-party key agreement. When a group is dynamic, amortized number of secure channel becomes O(n2). Another disadvantage is the reliance on a single entity to generate good (i.e., cryptographically strong, random) keys. First decentralized group key distribution scheme is due to Xxxxxxxxx et al. [12]. They propose efficient protocols for small-group key agreement and large-group key distribution. Unfortunately, their scheme for autonomous small group key agreement is not collusion resistant. Xxxxxxx et al. modified OFT (One-way Function Tree) [20] to provide dynamic server elec- tion [14]. This protocol has same key tree structure and uses similar notations (e.g. keys, blinded keys). Other than expensive maintainence of secure channels described above, this protocol has expensive communication cost: Even for single join and leave, this protocol can take O(h) rounds to complete, when h is the height of the key tree. The authors do not consider merge and partition event, and also implementation. One advantage different from others is that their group key does not depend on a single entity. Xxxxx et al. [24] propose a decentralized group key distribution protocol extended from LKH protocol [30]. It tolerates network partitions and other network events. Even though this approach cannot help incurring basic disadvantages discussed above, authors reduce the communication and computational cost. In addition, authors use AVL tree to provide provable and efficient tree height.

Decentralized Group Key Distribution Protocols. Decentralized group key distribution protocols can be preferred to contributory group key agreement agree- ment protocols, since they rely on inexpensive symmetric key encryption technique. How- everHowever, all group key distribution schemes assume secure channel that is, in practice, implemented by public key cryptosystem (e.g. Xxxxxx-Xxxxxxx). Furthermore, they require the leader to es- tablish establish multiple secure two-party channels between itself and other group members in order to securely distribute the new key. Maintaining such channels in dynamic groups can be expensive since setting up each channel involves a separate two-party key agreement. When a group is dynamic, amortized number num- ber of secure channel becomes O(n2). Another disadvantage is the reliance on a single entity to generate good (i.e., cryptographically strong, random) keys. First decentralized group key distribution scheme is due to Xxxxxxxxx et al. [12]. They propose efficient protocols for small-group key agreement and large-group key distribution. Unfortunately, their scheme for autonomous small group key agreement is not collusion resistant. Xxxxxxx et al. modified OFT (One-way Function Tree) [20] to provide dynamic server elec- tion election [14]. This protocol has same key tree structure and uses similar notations (e.g. keys, blinded keys). Other than expensive maintainence maintenance of secure channels described above, this protocol has expensive expen- sive communication cost: Even for single join and leave, this protocol can take O(h) rounds to complete, when h is the height of the key tree. The authors do not consider merge and partition event, and also implementation. One advantage different from others is that their group key does not depend on a single entity. Xxxxx Rodeh et al. [2423] propose a decentralized group key distribution protocol extended from LKH protocol [3029]. It tolerates network partitions and other network events. Even though this approach cannot help incurring basic disadvantages discussed above, authors reduce the communication and computational cost. In addition, authors use AVL tree to provide provable and efficient tree height.

Decentralized Group Key Distribution Protocols. Decentralized group key distribution protocols can be preferred to contributory group key agreement protocols, since they rely on inexpensive symmetric key encryption technique. How- ever, all group key distribution schemes assume secure channel that is, in practice, implemented by public key cryptosystem (e.g. Xxxxxx-Xxxxxxx). Furthermore, they require the leader to es- tablish multiple secure two-party channels between itself and other group members in order to securely distribute the new key. Maintaining such channels in dynamic groups can be expensive since setting up each channel involves a separate two-party key agreement. When a group is dynamic, amortized number of secure channel becomes O(n2). Another disadvantage is the reliance on a single entity to generate good (i.e., cryptographically strong, random) keys. First decentralized group key distribution scheme is due to Xxxxxxxxx et al. [12]. They propose efficient protocols for small-group key agreement and large-group key distribution. Unfortunately, their scheme for autonomous small group key agreement is not collusion resistant. Xxxxxxx Dondeti et al. modified OFT (One-way Function Tree) [20] to provide dynamic server elec- tion [14]. This protocol has same key tree structure and uses similar notations (e.g. keys, blinded keys). Other than expensive maintainence of secure channels described above, this protocol has expensive communication cost: Even for single join and leave, this protocol can take O(h) rounds to complete, when h is the height of the key tree. The authors do not consider merge and partition event, and also implementation. One advantage different from others is that their group key does not depend on a single entity. Xxxxx et al. [24] propose a decentralized group key distribution protocol extended from LKH protocol [30]. It tolerates network partitions and other network events. Even though this approach cannot help incurring basic disadvantages discussed above, authors reduce the communication and computational cost. In addition, authors use AVL tree to provide provable and efficient tree height.