学术文献库

Secure group communications are a mechanism facilitating protected transmission of messages from a sender to multiple receivers, and many emerging applications in both wired and wireless networks need the support of such a mechanism. There have been many secure group communication schemes in wired networks, which can be directly adopted in, or appropriately adapted to, wireless networks such as mobile ad hoc networks (MANETs) and sensor networks. In this paper we show that the popular group communication schemes that we have examined are vulnerable to the following attack: An outside adversary who compromises a certain legitimate group member could obtain {\em all} past and present group keys (and thus all the messages protected by them); this is in sharp contrast to the widely-accepted belief that a such adversary can only obtain the present group key (and thus the messages protected by it). In order to understand and deal with the attack, we formalize two security models for stateful and stateless group communication schemes. We show that some practical methods can make a {\em subclass} of existing group communication schemes immune to the attack.