Decentralized group key management for hierarchical access control using multilinear forms

Summary Key management becomes more difficult in multiprivileged group communications due to the dynamic membership and the complex relations between users and resources. Because centralized key management schemes have the drawbacks of the single point of failure, and performance bottleneck and distributed key management schemes are not scalable and lack of central control, decentralized key management schemes are proposed as a tradeoff between them. In this paper, we propose a decentralized group key management scheme using multilinear forms for dynamic multiprivileged groups. Once users join/leave the group and change their privileges, the related session keys should be updated. The rekeying in the joining operation is relatively simple because the keys are deduced from the previous keys based on a one‐way function. When rekeying for one leaving/switching operation, a uniform rekeying material is negotiated between the related service groups (SGs) by using multilinear forms. Compared with other schemes in which several rounds of negotiations are executed for rekeying in each joining/leaving/switching operation, only one round of negotiation is required in each leaving/switching operation of our decentralized group key management scheme. At last, the affected session keys can be deduced by the related SGs. Our proposed scheme also supports the dynamic formation and decomposition of SGs, which provides good scalability. Security analysis is provided to show that the proposed scheme is secure. The performance analysis and the simulation results show that the proposed scheme reduces the communication cost greatly. Copyright © 2014 John Wiley & Sons, Ltd.