WO2007123224A1 - Method of generating secure tickets for a new secure group, method of secure group communication, computing device having a recording medium, and network system - Google Patents

Method of generating secure tickets for a new secure group, method of secure group communication, computing device having a recording medium, and network system Download PDF

Info

Publication number
WO2007123224A1
WO2007123224A1 PCT/JP2007/058692 JP2007058692W WO2007123224A1 WO 2007123224 A1 WO2007123224 A1 WO 2007123224A1 JP 2007058692 W JP2007058692 W JP 2007058692W WO 2007123224 A1 WO2007123224 A1 WO 2007123224A1
Authority
WO
WIPO (PCT)
Prior art keywords
group
secure
new
key
members
Prior art date
Application number
PCT/JP2007/058692
Other languages
French (fr)
Inventor
Chuan-Feng Chiu
Original Assignee
Panasonic Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Panasonic Corporation filed Critical Panasonic Corporation
Publication of WO2007123224A1 publication Critical patent/WO2007123224A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/065Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications

Definitions

  • the invention relates to a method of group communication, and more particularly to a method and apparatus for creating secure tickets in dynamic group communication.
  • KDC key distribution center
  • Figure 1 shows a typical secure group communication system.
  • the system 1 includes a KDC 11 and a plurality of group members A, B, C and D.
  • Each of members A, B, C and D connects with others via the Internet 115.
  • members A and B belong to a secure group
  • members C and D belong to another secure group.
  • member A will first issue a request to the KDC 11 to retrieve a new secure group key (step 100).
  • secure tickets T A , T B , TC and T 0 each of which contains a secure group key k A ⁇ co are created for the members A, B, C and D of the new secure group, respectively (step 101 ).
  • the KDC 11 After encrypting the secure tickets T A , T B , T 0 and T D using existing corresponding keys W A , K B , k c and kp, the KDC 11 transmits the same to member A (step 102), who then distributes them to the other members B, C and D (steps 103, 104, 105).
  • the secure ticket T A is decrypted by member A using the key k A
  • the secure group key k AB C D is stored by member A.
  • members B, C and D can decrypt the secure tickets T B 1 T C and T D using k ⁇ , kc and ko respectively to derive the secure group key k AB C D as well.
  • a new secure group can be formed among members A, B, C and D based on the secure group key kABCD-
  • the KDC 11 when a group change occurs, such as when the original two groups are to form a new secure group, the KDC 11 must respectively create secure tickets T A , T 6 , TC and T D each of which includes the key k A BCD for members A, B, C and D of the new secure group.
  • the KDC 11 if the number of members of the new secure group is 4 (members A, B, C and D), the KDC 11 must create 4 secure tickets and transmit the same to members A, B, C and D after encryption using corresponding keys kA, k ⁇ , kc and k ⁇ .
  • the number of members of the new secure group to be formed becomes larger, the number of secure tickets created by the KDC 11 becomes correspondingly more, and the loading of the KDC 11 becomes correspondingly heavier.
  • the KDC 11 when a new member intends to join an original secure group, or when a member of an original secure group intends to leave the original secure group, the KDC 11 must create a new secure ticket for each member of the new secure group. For the KDC 11 , not only the computational amount grows larger, but the loading is also correspondingly heavier, thereby causing inefficiency.
  • U.S. Patent No. 6240188B1 discloses another group key management system and method, and provides secure many-to- many communication. Group keys are transmitted and managed through a key tree structure.
  • the problem of this patent is that: due to the hierarchy of the tree structure, when a new secure group is to be formed, a set of new group keys must be generated anew for the key tree structure. Therefore, for the central server that creates the group keys, not only its computational amount is larger, but its loading is also correspondingly larger.
  • U.S. Patent Application Publication No. 20050018853 provides a method of updating a secure group key in a group.
  • the restriction in this application is the same as that of the previous case in that there is a hierarchal tree structure. Therefore, when several groups are to form a new secure group, a set of new group keys must be generated anew for the key tree structure. For the central server that creates the group keys, not only its computational amount is still larger, but its loading is also correspondingly larger.
  • one object of the present invention is to provide a system and method for creating secure tickets using existing keys of original groups when a group change occurs, thereby reducing the number of secure tickets created, reducing the computational amount of a KDC, and reducing the loading of the KDC.
  • a method of generating secure tickets for a new secure group is provided, which is applied when a change occurs in a plurality of existing secure groups to form a new secure group.
  • Each of the existing secure groups includes at least one member and has a corresponding dedicated group key.
  • the method comprises the following steps when a group change notification is received. First, a new secure group key is generated according to the group change notification. Next, a combination that can form the new secure group in a minimum selection of the existing secure groups is found, and according to the relationship in the combination, secure tickets whose number corresponds to that of selected secure groups are generated, where each secure ticket has the new secure group key.
  • a computer-readable recording medium that can be disposed in a computing device so as to be read for executing the following steps. First, according to a received group change notification, a new secure group key is generated. Next, according to pre-formed keys, a minimum number of secure tickets that can protect all group members of a new secure group are generated, wherein each secure ticket has the new secure group key. Finally, a plurality of encrypted messages each of which contains a corresponding secure ticket and is encrypted using a corresponding key are outputted for securely conducting update of the new secure group key among all members of the new secure group.
  • a secure group network system constructed in an Internet environment is provided.
  • the secure group network system includes at least one secure group and a central key distribution center.
  • a group change notification will be issued to the central key distribution center to generate a new secure group key applicable to all group members of the new secure group.
  • a minimum number of secure tickets that can protect all group members of the new secure group are generated, wherein each secure ticket has the new secure group key.
  • a plurality of encrypted messages each of which contains a corresponding secure ticket and is encrypted using a corresponding key are respectively transmitted to all members of the new secure group for securely conducting update of the new secure group key.
  • Figure 1 is a system block diagram illustrating a conventional secure group communication system framework
  • Figure 2 is a flowchart to illustrate relevant steps executed by the conventional system when a group change occurs
  • Figure 3 is a system block diagram illustrating the preferred embodiment of a secure group communication system framework according to the present invention.
  • Figure 4 is a block diagram illustrating a central distribution server device in the preferred embodiment of this invention.
  • FIG. 5 is a block diagram illustrating a communication device in the preferred embodiment of this invention.
  • Figure 6 is a flowchart to illustrate the steps of the first preferred embodiment of this invention
  • Figure 7 is a flowchart to illustrate detailed steps of step 403 in Figure 6;
  • FIG. 8 is a flowchart to illustrate the steps of the second preferred embodiment of this invention.
  • FIG. 9 is a flowchart to illustrate the steps of the third preferred embodiment of this invention.
  • FIG. 10 is a flowchart to illustrate the steps of the fourth preferred embodiment of this invention.
  • Figure 11 is a schematic diagram to illustrate a form of data display in the first preferred embodiment of this invention.
  • Figure 12 is a schematic diagram to illustrate a form of data display in the second preferred embodiment of this invention.
  • Figure 13 is a schematic diagram to illustrate a form of data display in the third preferred embodiment of this invention.
  • Figure 14 is a schematic diagram to illustrate a form of data display in the fourth preferred embodiment of this invention.
  • the framework of a secure group network system 8 includes a key distribution center (hereinafter referred to as KDC) 80 and a plurality of group members A, B, C and D. Each of members A, B, C and D connects with others via the Internet 115.
  • KDC key distribution center
  • secure group may be a single member (such as member A) who has exchanged a key with the KDC 80 or a plurality of members who have a secure group key so as to be able to conduct secure communication thereamong.
  • the KDC 80 includes a central distribution server device 110 that has a network connection to the Internet 115 (see Figure 3).
  • the central distribution server device 110 includes a security unit 200 for conducting encryption/decryption operations, a key database 203 for storing keys, a key generating unit 204 for generating new secure group keys, a secure ticket generating unit 202 for generating secure tickets, and a processing unit 201 for coordinating the operations of the aforementioned units.
  • the aforementioned units can be software or firmware program stored in a computer-readable medium. When the program is read and executed by a conventional computer, a secure group key updating method based on the creation of secure tickets according to the present invention can be executed.
  • Suitable computer- readable media include, but are not limited to, optical discs, floppy discs, hard discs, and computer memories. Functionality of these units will be further described herein with reference to the steps of execution.
  • Each of group members A, B, C and D in Figure 3 includes a communication device 30 (see Figure 5) having computing functionality.
  • the internal block framework of each communication device 30 includes a security unit 300, a key database 303 and a processing unit 301. Functionality of these units will be further described herein with reference to the steps of execution.
  • the key database 203 of the KDC 80 when member A and member B form a secure group, and member C and member D form another secure group, the key database 203 of the KDC 80 then has corresponding keys K a , K b , K c , Kd, K a b and K C d stored therein.
  • member C and member D When one secure group intends to join another secure group, i.e. , when members A, B, C and D are to form a new secure group, first, member C and member D will each issue a join request to the group initiator (member A in this embodiment, step 400) to notify the KDC 80 of their participation. Then, the KDC 80 will receive a group initiation request (step 401 ) sent by the group initiator, i.e. , member A, to notify the KDC 80 that a new secure group including members A, B, C and D is to be formed.
  • the group initiation request includes a list (not shown) of all group members of the new secure group which, in this embodiment, includes members A, B 1 C and D.
  • the processing unit 201 will instruct the key generating unit 204 to generate a new secure group key K a bcd applicable to all members in the member list (step 402).
  • step 403 a minimum number of keys that can protect all group members of the new secure group are found.
  • the processing unit 201 finds from the key database 203 the minimum number of keys: K a b and K C d that can protect all members A, B, C and D of the new secure group.
  • step 403 includes the following steps: First, in step 4030, pre-formed secure group keys are discovered in the key database 203.
  • members of the pre-formed secure groups are members A and B and members C and D, respectively. Therefore, in step 4030, the key database 203 finds the corresponding secure group keys K a b and K C d- Then, in step 4031 , an arrangement of the secure group keys thus found is performed according to the number of members protected by each secure group key so as to assist in selecting a minimum number of group keys.
  • the key database 203 is examined for data of the selected secure group keys to determine whether all members of the new secure group have been selected (steps 4032 and 4033). Execution of subsequent steps is continued if the result is yes. If the result is no, according to the arrangement, one secure group key is selected so that the accumulated number of members under protection most approximates that of the new secure group (step 4034), and execution of steps 4032 to 4034 is repeated until all members have been selected.
  • step 4032 data of available secure group keys K a b and K Cd is examined in step 4032, showing that they are not selected, and it is determined in step 4033 that none of members A, B, C and D of the new secure group has been selected. Therefore, the flow proceeds to the step 4034 which chooses Kab protecting members A and B.
  • step 4032 it is known that K C d is not selected, and it is determined in step 4033 that members C and D of the new secure group have not been selected.
  • the flow proceeds to the step 4034 which chooses K C d protecting members C and D.
  • step 4032 it is known that K a b and Kcd have been selected, and it is determined in step 4033 that all members A, B, C and D of the new secure group have been selected. Therefore, the flow proceeds to the subsequent step 404.
  • step 404 is executed to generate secure tickets each of which includes the new secure group key and whose number corresponds to that of the selected secure keys.
  • the processing unit 201 will transmit the new secure group key K a bcd generated by the key generating unit 204 to the secure ticket generating unit 202.
  • the secure ticket generating unit 202 generates two corresponding secure tickets T a b and T C d, and embeds the new secure group key Kabcd therein.
  • the processing unit 201 retrieves from the key database 203 the corresponding keys K ab and K C d, and instructs the security unit 200 to form encrypted information K a b(T a b) and K C d(T C d) by encrypting the secure tickets T a b and T Cd respectively by the keys Kab and Kcd, which are transmitted to member A via the Internet 115 (step 405), whereby the new secure group key K a bod is securely transmitted to member A.
  • the KDC 80 will display the generated tickets and all group members corresponding thereto in an electronic data form (see Figure 11 ) on any device or medium capable of presenting data, such as an electronic display device or an electronic storage medium capable of recording data.
  • step 406 the new secure group key K a bcd is extracted from the secure ticket T a b after the decryption of the encrypted information K a b(T a b) using the internally stored key K a b, and the new secure group key K a bod is subsequently stored.
  • the security unit 300 of the communication device 30 will extract the corresponding key K a b from the key database 303 and decrypt the encrypted information K a b(T a b) to extract the new secure group key K a bcd-
  • the processing unit 301 then stores the new secure group key K a bcd in the key database 303.
  • member A who acts as the group initiator distributes the encrypted information K a b(T a b) to member B, and distributes the encrypted information K cd (T C d) to member C and member D (steps 408 and 409).
  • Member B performs decryption using the key K a b to extract from the secure ticket T ab the new secure group key K a t > cd, which is subsequently stored thereby (step 410).
  • member C and member D receive the encrypted information containing the secure ticket T C d, they will perform decryption using the key K C d to extract the new secure group key K a bcd, which is subsequently stored thereby (steps 411 and 412). How these are accomplished in practice are the same as that in step 406 and will not be described further.
  • members A, B, C and D of the new secure group have completed the procedure for secure updating of the new secure group key K a bcd, and can subsequently conduct secure group communication.
  • a minimum number of tickets T a b and T C d are generated corresponding to a minimum number of existing secure group keys Kab and Kcd that can protect all members of the secure group.
  • the computational amount of the KDC 80 can be dramatically lowered. The superior computational efficiency of the present invention will be more evident in situations where the number of group members is large.
  • the framework of the secure group network system 8 is the same as that of Figure 3, and the internal block frameworks of the KDC 80 and the communication device 30 included in each member are the same as those of the first preferred embodiment and will not be described further herein.
  • the situation depicted in this embodiment differs from the first preferred embodiment primarily in that, at this time, the secure group includes members A, B, C and D, and the flow steps executed are those when a new member E intends to join the secure group.
  • members A, B, C and D already formed a secure group at this time.
  • member E will first issue a join request to the group initiator, who is exemplified herein as member A (step 501 ).
  • member A After member A receives the join request, member A will transmit a group initiation request to the KDC 80 as a notification that members A, B, C, D and E are to form a new secure group (step 502).
  • the KDC 80 After the KDC 80 receives the group initiation request, the KDC 80 will first generate a new secure group key K a bcde applicable to all members in the member list (step 503), and according to current secure group data (members A, B, C and D), subsequently find a minimum number of keys, which are K a bcd and K e in this embodiment, that can protect all members A, B, C, D and E included in the new secure group (step 504).
  • the method of finding the minimum number of keys K a bcd and K e is the same as step 4030 to step 4034 of the first preferred embodiment and will not be described further herein.
  • the new secure group key Kabcde is embedded into correspondingly generated secure tickets T a bcd and T e (step 505).
  • the two secure tickets T abcd and T e are encrypted using the keys Kabcd and K e respectively to form encrypted information Kabcd(Tabcd) and K e (T e ), which are transmitted to member A (step 506).
  • the KDC 80 will display the generated tickets and all group members corresponding thereto on any device or medium capable of presenting data, such as an electronic display device or an electronic storage medium capable of recording data, as shown in Figure 12.
  • members A, B, C and D are in an existing secure group, members A, B, C and D all store the key K a t > cd-
  • the encrypted information K a bcd(T a bcd) is first decrypted using the key K a bcd to extract from the secure ticket T a bcd the new secure group key K a bcde, which is stored by member A (step 507).
  • member A distributes the encrypted information K a bcd(T a bcd) that includes the secure ticket T abC d to member B, member C and member D (steps 508, 509 and 510).
  • Member B, member C and member D likewise perform decryption of the encrypted information K a bcd(T a bod) using the key K a t >C d to extract from the secure ticket T a bcd the new secure group key K a bcde, which is subsequently stored thereby (steps 511 , 512, 513).
  • the encrypted information K e (T e ) is transmitted to member E.
  • member E After member E receives the encrypted information K e (T e ), member E performs decryption of the encrypted information K e (T e ) using the internally stored key K e to extract from the secure ticket T e the key Kabcde, which is subsequently stored thereby (step 515).
  • members A, B, C, D and E all have the key Kabcde, meaning that the flow for secure update of the new secure group key is completed, and thus all members of the new secure group can begin to conduct secure group communication.
  • the framework of the secure group network system 8 is the same as that of Figure 3, and the internal block frameworks of the KDC 80 and the communication device 30 included in each member are the same as those of the first preferred embodiment.
  • Member A and member B are originally included in a secure group.
  • Member C and member D are included in another secure group.
  • members A, B, C and D as a whole are further included in another larger secure group.
  • the flow steps executed are those when a member who is not the group initiator (exemplified as member B in this embodiment) intends to leave the original larger secure group.
  • members A, B, C and D already formed a secure group at this time.
  • member B will first issue a leave request to member A (step 601 ).
  • member A will transmit a group initiation request to the KDC 80 as a notification of forming a new secure group (step 602).
  • the KDC 80 After the KDC 80 receives the group initiation request, the KDC 80 will first generate a new secure group key K aC d (step 603), and according to the members A, C and D of the secure group to be formed, subsequently search pre-formed secure group keys through the flow of the aforesaid steps 4030 to 4034 ( Figure 7), thus finding a minimum number of keys, which are K a and K C d in this embodiment, that can protect members A, C, D of the new secure group (step 604). The new secure group key K aCd is then embedded into two correspondingly generated secure tickets T a and T C d (step 605).
  • the two secure tickets T a and T cd are encrypted using the key K 3 and key Kod respectively to form encrypted information K a (T a ) and K C d(T CC ⁇ ), which are transmitted to member A (step 606).
  • the KDC 80 will display the generated tickets and all group members corresponding thereto on any device or medium capable of presenting data, such as an electronic display device or an electronic storage medium capable of recording data, as shown in Figure 13.
  • step 607 after member A receives the encrypted information Ka(Ta) and K C d(T O d), the encrypted information K a (T a ) is decrypted using the internally stored key K a to extract from the secure ticket T 3 the new secure group key K ac d, which is subsequently stored by member A.
  • member A distributes the encrypted information K C d(T C d) to member C and member D.
  • member C and member D receive the encrypted information K C d(T C d)
  • member C and member D will decrypt the encrypted information Kcd(Tcd) using the corresponding key K C d to extract from the secure ticket Ted the new secure group key K aC d, which is subsequently stored thereby (steps 610 and 611 ).
  • members A, C and D of the new secure group have completed the flow for secure update of the new secure group key K a c d , and all members of the new secure group can begin to conduct secure communication.
  • the framework of the secure group network system 8 is the same as that of Figure 3, and the internal block frameworks of the KDC 80 and the communication device 30 included in each member are the same as those of the first preferred embodiment.
  • Member A and member B are originally included in a secure group.
  • Member C and member D are included in another secure group.
  • members A, B, C and D as a whole are further included in another larger secure group.
  • the flow steps of group change executed are those when a group initiator (exemplified as member A in this embodiment) intends to leave the original larger secure group.
  • member A when member A intends to leave the original secure group, member A will first issue a leave request in step 701 to the KDC 80 so as to notify the KDC 80 of its leaving the original secure group and so as to designate a new group initiator. Aside from a command to request the generation of a new secure group key, the leave request further includes data of the newly designated group initiator. In this embodiment, the newly designated group initiator is member B.
  • step 702 the KDC 80 generates a new secure group key Kbcd according to the command requesting the generation of the new secure group key, and according to the existing secure group keys, finds a minimum number of keys, which are Kb and K Cd in this embodiment, needed to form a minimum number of secure tickets that can protect members B, C and D in the new secure group through the flow of the aforesaid steps 4030 to 4034 (see Figure 7) (step 703), and generates corresponding secure tickets Tb and T oc j each of which includes the new secure group key K bC d (step 704).
  • the two secure tickets Tb and T ed are encrypted using the key Kb and key K O d respectively to form encrypted information Kb(Tb) and K C d(T C d), which are transmitted to member B (step 705).
  • the KDC 80 will display the generated tickets and all group members corresponding thereto on any device or medium capable of presenting data, such as an electronic display device or an electronic storage medium capable of recording data, as shown in Figure 14.
  • step 706 after member B receives the encrypted information Kb(Tb) and K C d(T C d), the encrypted information Kb(Tb) is decrypted using the internally stored key Kb to extract from the secure ticket Tb the new secure group key Kbcd, which is subsequently stored by member B.
  • the encrypted information Kcd(Tcd) is transmitted to member C and member D (step 707 and step 708).
  • member C and member D receive the encrypted information K O d(T C d)
  • member C and member D will decrypt the encrypted information K C d(T C d) using the internally stored key K C d to extract from the secure ticket T C d the new secure group key Kbcd, which is subsequently stored thereby (step 709 and step 710).
  • members B, C and D of the new secure group have completed the flow for secure update of the new secure group key Kbcd, and all members of the new secure group can begin to conduct secure communication.
  • the secure keys of all members and secure groups will be stored in the KDC 80, and each member only stores the secure keys of involved secure groups and a personal key, which will not cause a storage burden of secure keys.
  • creating a minimum number of secure tickets that can protect all secure group members from originally existing secure group keys outperforms the prior art that requires the creation of a secure ticket for each member of a new secure group, where the number of created secure tickets and the computational amount of the KDC 80 can be reduced to lower the loading of the KDC 80 correspondingly, thereby achieving enhancement in efficiency of secure update of new secure group keys.
  • the present invention can be applied to a method of generating secure tickets for a new secure group, a method of secure group communication, a computing device having a recording medium, and a network system.

Abstract

A method of generating secure tickets for a new secure group is characterized by that, when a group change occurs in an original secure group, such as joining or leaving of a secure group, a central server center will be notified to find a minimum number of keys that can protect all group members of the new secure group and to subsequently generate a corresponding number of secure tickets each of which contains a new secure group key. Finally, after encryption using corresponding keys, encrypted messages with each containing a corresponding secure ticket are sent to all members of the new secure group for secure update of the new secure group key. Therefore, the number of secure tickets created by the central server center can be lowered to reduce computational amount and to reduce loading.

Description

DESCRIPTION
METHOD OF GENERATING SECURE TICKETS
FOR A NEW SECURE GROUP, METHOD OF SECURE GROUP COMMUNICATION,
COMPUTING DEVICE HAVING A RECORDING MEDIUM,
AND NETWORK SYSTEM
Technical Field The invention relates to a method of group communication, and more particularly to a method and apparatus for creating secure tickets in dynamic group communication.
Background Art With the progress and convenience of communication services, services constructed on group communication, such as video conferences, internet telephones, chat rooms, etc., are increasing day by day. In group communication, ensuring privacy of communication is an important consideration, and therefore in order to establish the security of group communication, a secure group key is usually utilized to protect information transmitted in a group. This secure group key is generated by a key distribution center (hereinafter referred to as KDC) and is sent to group members.
Figure 1 shows a typical secure group communication system. The system 1 includes a KDC 11 and a plurality of group members A, B, C and D. Each of members A, B, C and D connects with others via the Internet 115. With further reference to Figure 2, in the following example, it is assumed that members A and B belong to a secure group, and members C and D belong to another secure group. When members A, B, C and D intend to form a new secure group, with member A as a group initiator (or group leader), member A will first issue a request to the KDC 11 to retrieve a new secure group key (step 100). When the KDC 11 receives this request, secure tickets TA, TB, TC and T0 each of which contains a secure group key kAβco are created for the members A, B, C and D of the new secure group, respectively (step 101 ). After encrypting the secure tickets TA, TB, T0 and TD using existing corresponding keys WA, KB, kc and kp, the KDC 11 transmits the same to member A (step 102), who then distributes them to the other members B, C and D (steps 103, 104, 105). After the secure ticket TA is decrypted by member A using the key kA, the secure group key kABCD is stored by member A. Likewise, members B, C and D can decrypt the secure tickets TB 1TC and TD using kβ, kc and ko respectively to derive the secure group key kABCD as well.
After the aforementioned steps, a new secure group can be formed among members A, B, C and D based on the secure group key kABCD-
It is apparent from the foregoing that, when a group change occurs, such as when the original two groups are to form a new secure group, the KDC 11 must respectively create secure tickets TA, T6, TC and TD each of which includes the key kABCD for members A, B, C and D of the new secure group. In the above example, if the number of members of the new secure group is 4 (members A, B, C and D), the KDC 11 must create 4 secure tickets and transmit the same to members A, B, C and D after encryption using corresponding keys kA, kβ, kc and kσ. In other words, when the number of members of the new secure group to be formed becomes larger, the number of secure tickets created by the KDC 11 becomes correspondingly more, and the loading of the KDC 11 becomes correspondingly heavier.
The above problem will also occur in the following situations of group change, including but not limited to the following situations: when a new member intends to join an original secure group, or when a member of an original secure group intends to leave the original secure group, the KDC 11 must create a new secure ticket for each member of the new secure group. For the KDC 11 , not only the computational amount grows larger, but the loading is also correspondingly heavier, thereby causing inefficiency.
Currently, there are a number of applications related to generation and distribution of group keys in group communication. For example, in U.S. Patent Application Publication No. 20050050004, receiving a group key from a neighboring wireless device, one can join a specific secure group. However, the problem with this application is that, when the number of members in the secure group is large, since members must have shared keys thereamong, each wireless device must store a large amount of secure keys. In other words, each member has to store the secure key of every other member and keys of all secure groups, thereby resulting in a storage burden of secure keys for wireless devices.
U.S. Patent No. 6240188B1 discloses another group key management system and method, and provides secure many-to- many communication. Group keys are transmitted and managed through a key tree structure. The problem of this patent is that: due to the hierarchy of the tree structure, when a new secure group is to be formed, a set of new group keys must be generated anew for the key tree structure. Therefore, for the central server that creates the group keys, not only its computational amount is larger, but its loading is also correspondingly larger.
U.S. Patent Application Publication No. 20050018853 provides a method of updating a secure group key in a group. The restriction in this application is the same as that of the previous case in that there is a hierarchal tree structure. Therefore, when several groups are to form a new secure group, a set of new group keys must be generated anew for the key tree structure. For the central server that creates the group keys, not only its computational amount is still larger, but its loading is also correspondingly larger.
D i s c l o s u re of I n v e n t i o n
Therefore, one object of the present invention is to provide a system and method for creating secure tickets using existing keys of original groups when a group change occurs, thereby reducing the number of secure tickets created, reducing the computational amount of a KDC, and reducing the loading of the KDC.
According to one aspect of the present invention, a method of generating secure tickets for a new secure group is provided, which is applied when a change occurs in a plurality of existing secure groups to form a new secure group. Each of the existing secure groups includes at least one member and has a corresponding dedicated group key. The method comprises the following steps when a group change notification is received. First, a new secure group key is generated according to the group change notification. Next, a combination that can form the new secure group in a minimum selection of the existing secure groups is found, and according to the relationship in the combination, secure tickets whose number corresponds to that of selected secure groups are generated, where each secure ticket has the new secure group key.
According to another aspect of the present invention, a computer-readable recording medium that can be disposed in a computing device so as to be read for executing the following steps is provided. First, according to a received group change notification, a new secure group key is generated. Next, according to pre-formed keys, a minimum number of secure tickets that can protect all group members of a new secure group are generated, wherein each secure ticket has the new secure group key. Finally, a plurality of encrypted messages each of which contains a corresponding secure ticket and is encrypted using a corresponding key are outputted for securely conducting update of the new secure group key among all members of the new secure group. According to yet another aspect of the present invention, a secure group network system constructed in an Internet environment is provided. The secure group network system includes at least one secure group and a central key distribution center. When a group change occurs to form a new secure group, a group change notification will be issued to the central key distribution center to generate a new secure group key applicable to all group members of the new secure group. Then, a minimum number of secure tickets that can protect all group members of the new secure group are generated, wherein each secure ticket has the new secure group key. Finally, a plurality of encrypted messages each of which contains a corresponding secure ticket and is encrypted using a corresponding key are respectively transmitted to all members of the new secure group for securely conducting update of the new secure group key. B r i ef D e s c r i p t i o n of D r aw i n g s
Other features and advantages of the present invention will become apparent in the following detailed description of the preferred embodiments with reference to the accompanying drawings, of which:
Figure 1 is a system block diagram illustrating a conventional secure group communication system framework;
Figure 2 is a flowchart to illustrate relevant steps executed by the conventional system when a group change occurs;
Figure 3 is a system block diagram illustrating the preferred embodiment of a secure group communication system framework according to the present invention;
Figure 4 is a block diagram illustrating a central distribution server device in the preferred embodiment of this invention;
Figure 5 is a block diagram illustrating a communication device in the preferred embodiment of this invention;
Figure 6 is a flowchart to illustrate the steps of the first preferred embodiment of this invention; Figure 7 is a flowchart to illustrate detailed steps of step 403 in Figure 6;
Figure 8 is a flowchart to illustrate the steps of the second preferred embodiment of this invention;
Figure 9 is a flowchart to illustrate the steps of the third preferred embodiment of this invention;
Figure 10 is a flowchart to illustrate the steps of the fourth preferred embodiment of this invention;
Figure 11 is a schematic diagram to illustrate a form of data display in the first preferred embodiment of this invention;
Figure 12 is a schematic diagram to illustrate a form of data display in the second preferred embodiment of this invention;
Figure 13 is a schematic diagram to illustrate a form of data display in the third preferred embodiment of this invention; and
Figure 14 is a schematic diagram to illustrate a form of data display in the fourth preferred embodiment of this invention.
B e s t M o d e f o r C a r ry i n g O u t t h e I n v e n t i o n Before the present invention is described in greater detail, it should be noted that, in the following description, like elements are denoted by the same reference numbers. First Preferred Embodiment Referring to Figure 3, in the first preferred embodiment of the present invention, the framework of a secure group network system 8 includes a key distribution center (hereinafter referred to as KDC) 80 and a plurality of group members A, B, C and D. Each of members A, B, C and D connects with others via the Internet 115.
The term "secure group" as used herein may be a single member (such as member A) who has exchanged a key with the KDC 80 or a plurality of members who have a secure group key so as to be able to conduct secure communication thereamong.
Referring to Figure 4, the KDC 80 includes a central distribution server device 110 that has a network connection to the Internet 115 (see Figure 3). The central distribution server device 110 includes a security unit 200 for conducting encryption/decryption operations, a key database 203 for storing keys, a key generating unit 204 for generating new secure group keys, a secure ticket generating unit 202 for generating secure tickets, and a processing unit 201 for coordinating the operations of the aforementioned units. The aforementioned units can be software or firmware program stored in a computer-readable medium. When the program is read and executed by a conventional computer, a secure group key updating method based on the creation of secure tickets according to the present invention can be executed. Suitable computer- readable media include, but are not limited to, optical discs, floppy discs, hard discs, and computer memories. Functionality of these units will be further described herein with reference to the steps of execution.
Each of group members A, B, C and D in Figure 3 includes a communication device 30 (see Figure 5) having computing functionality. The internal block framework of each communication device 30 includes a security unit 300, a key database 303 and a processing unit 301. Functionality of these units will be further described herein with reference to the steps of execution.
Referring to Figure 4, Figure 5 and Figure 6, when member A and member B form a secure group, and member C and member D form another secure group, the key database 203 of the KDC 80 then has corresponding keys Ka, Kb, Kc, Kd, Kab and KCd stored therein. When one secure group intends to join another secure group, i.e. , when members A, B, C and D are to form a new secure group, first, member C and member D will each issue a join request to the group initiator (member A in this embodiment, step 400) to notify the KDC 80 of their participation. Then, the KDC 80 will receive a group initiation request (step 401 ) sent by the group initiator, i.e. , member A, to notify the KDC 80 that a new secure group including members A, B, C and D is to be formed.
The group initiation request includes a list (not shown) of all group members of the new secure group which, in this embodiment, includes members A, B1 C and D. After the KDC 80 receives the group initiation request, the processing unit 201 will instruct the key generating unit 204 to generate a new secure group key Kabcd applicable to all members in the member list (step 402).
Thereafter, in step 403, a minimum number of keys that can protect all group members of the new secure group are found. In particular, according to the member information of pre-formed secure groups (in this embodiment, there are two secure groups, one including members A and B, the other including members C and D), the processing unit 201 finds from the key database 203 the minimum number of keys: Kab and KCd that can protect all members A, B, C and D of the new secure group.
With further reference to Figure 7, the detailed flow of step 403 includes the following steps: First, in step 4030, pre-formed secure group keys are discovered in the key database 203. In this embodiment, members of the pre-formed secure groups are members A and B and members C and D, respectively. Therefore, in step 4030, the key database 203 finds the corresponding secure group keys Kab and KCd- Then, in step 4031 , an arrangement of the secure group keys thus found is performed according to the number of members protected by each secure group key so as to assist in selecting a minimum number of group keys. For example, in this embodiment, because the numbers of members included in the two keys are the same, the order of the keys after arrangement is still Kab followed by Kcd- Subsequently, the key database 203 is examined for data of the selected secure group keys to determine whether all members of the new secure group have been selected (steps 4032 and 4033). Execution of subsequent steps is continued if the result is yes. If the result is no, according to the arrangement, one secure group key is selected so that the accumulated number of members under protection most approximates that of the new secure group (step 4034), and execution of steps 4032 to 4034 is repeated until all members have been selected. In this embodiment, data of available secure group keys Kab and KCd is examined in step 4032, showing that they are not selected, and it is determined in step 4033 that none of members A, B, C and D of the new secure group has been selected. Therefore, the flow proceeds to the step 4034 which chooses Kab protecting members A and B. Back to step 4032, it is known that KCd is not selected, and it is determined in step 4033 that members C and D of the new secure group have not been selected. Hence, the flow proceeds to the step 4034 which chooses KCd protecting members C and D. Last, in step 4032, it is known that Kab and Kcd have been selected, and it is determined in step 4033 that all members A, B, C and D of the new secure group have been selected. Therefore, the flow proceeds to the subsequent step 404.
Referring again to Figure 6, after all secure keys are found, step 404 is executed to generate secure tickets each of which includes the new secure group key and whose number corresponds to that of the selected secure keys. In particular, after finding the minimum number of keys: Kab and KCd, that can protect members A, B, C and D of the new secure group in step 403, the processing unit 201 will transmit the new secure group key Kabcd generated by the key generating unit 204 to the secure ticket generating unit 202. The secure ticket generating unit 202 generates two corresponding secure tickets Tab and TCd, and embeds the new secure group key Kabcd therein. Finally, the processing unit 201 retrieves from the key database 203 the corresponding keys Kab and KCd, and instructs the security unit 200 to form encrypted information Kab(Tab) and KCd(TCd) by encrypting the secure tickets Tab and TCd respectively by the keys Kab and Kcd, which are transmitted to member A via the Internet 115 (step 405), whereby the new secure group key Kabod is securely transmitted to member A. At the same time, the KDC 80 will display the generated tickets and all group members corresponding thereto in an electronic data form (see Figure 11 ) on any device or medium capable of presenting data, such as an electronic display device or an electronic storage medium capable of recording data. After member A receives the encrypted information Kab(Tab) and Kcd(Tcd), the flow proceeds to step 406 where the new secure group key Kabcd is extracted from the secure ticket Tab after the decryption of the encrypted information Kab(Tab) using the internally stored key Kab, and the new secure group key Kabod is subsequently stored. In particular, after member A receives the encrypted information Kab(Tab), the security unit 300 of the communication device 30 will extract the corresponding key Kab from the key database 303 and decrypt the encrypted information Kab(Tab) to extract the new secure group key Kabcd- The processing unit 301 then stores the new secure group key Kabcd in the key database 303. In step 407, member A who acts as the group initiator distributes the encrypted information Kab(Tab) to member B, and distributes the encrypted information Kcd(TCd) to member C and member D (steps 408 and 409).
Member B performs decryption using the key Kab to extract from the secure ticket Tab the new secure group key Kat>cd, which is subsequently stored thereby (step 410). Likewise, after member C and member D receive the encrypted information containing the secure ticket TCd, they will perform decryption using the key KCd to extract the new secure group key Kabcd, which is subsequently stored thereby (steps 411 and 412). How these are accomplished in practice are the same as that in step 406 and will not be described further.
Accordingly, members A, B, C and D of the new secure group have completed the procedure for secure updating of the new secure group key Kabcd, and can subsequently conduct secure group communication. It is apparent from the foregoing that, in the present invention, a minimum number of tickets Tab and TCd are generated corresponding to a minimum number of existing secure group keys Kab and Kcd that can protect all members of the secure group. Compared to the conventional technique, in which a corresponding secure ticket (TA, TB, TC, TD) is generated for the key (kA, kB, kc, kD) of each member, the computational amount of the KDC 80 can be dramatically lowered. The superior computational efficiency of the present invention will be more evident in situations where the number of group members is large. Second Preferred Embodiment
In the second preferred embodiment of this invention, the framework of the secure group network system 8 is the same as that of Figure 3, and the internal block frameworks of the KDC 80 and the communication device 30 included in each member are the same as those of the first preferred embodiment and will not be described further herein. The situation depicted in this embodiment differs from the first preferred embodiment primarily in that, at this time, the secure group includes members A, B, C and D, and the flow steps executed are those when a new member E intends to join the secure group.
Referring to Figure 8, in this embodiment, members A, B, C and D already formed a secure group at this time. When a new member E intends to join the group, member E will first issue a join request to the group initiator, who is exemplified herein as member A (step 501 ). After member A receives the join request, member A will transmit a group initiation request to the KDC 80 as a notification that members A, B, C, D and E are to form a new secure group (step 502). After the KDC 80 receives the group initiation request, the KDC 80 will first generate a new secure group key Kabcde applicable to all members in the member list (step 503), and according to current secure group data (members A, B, C and D), subsequently find a minimum number of keys, which are Kabcd and Ke in this embodiment, that can protect all members A, B, C, D and E included in the new secure group (step 504). The method of finding the minimum number of keys Kabcd and Ke is the same as step 4030 to step 4034 of the first preferred embodiment and will not be described further herein. Subsequently, the new secure group key Kabcde is embedded into correspondingly generated secure tickets Tabcd and Te (step 505). Finally, the two secure tickets Tabcd and Te are encrypted using the keys Kabcd and Ke respectively to form encrypted information Kabcd(Tabcd) and Ke(Te), which are transmitted to member A (step 506). At the same time, the KDC 80 will display the generated tickets and all group members corresponding thereto on any device or medium capable of presenting data, such as an electronic display device or an electronic storage medium capable of recording data, as shown in Figure 12.
Since members A, B, C and D are in an existing secure group, members A, B, C and D all store the key Kat>cd- After member A receives the encrypted information Kabcd(Tabcd), the encrypted information Kabcd(Tabcd) is first decrypted using the key Kabcd to extract from the secure ticket Tabcd the new secure group key Kabcde, which is stored by member A (step 507). Thereafter, member A distributes the encrypted information Kabcd(Tabcd) that includes the secure ticket TabCd to member B, member C and member D (steps 508, 509 and 510). Member B, member C and member D likewise perform decryption of the encrypted information Kabcd(Tabod) using the key Kat>Cd to extract from the secure ticket Tabcd the new secure group key Kabcde, which is subsequently stored thereby (steps 511 , 512, 513). In step 514, the encrypted information Ke(Te) is transmitted to member E. After member E receives the encrypted information Ke(Te), member E performs decryption of the encrypted information Ke(Te) using the internally stored key Ke to extract from the secure ticket Te the key Kabcde, which is subsequently stored thereby (step 515). At this time, members A, B, C, D and E all have the key Kabcde, meaning that the flow for secure update of the new secure group key is completed, and thus all members of the new secure group can begin to conduct secure group communication. Third Preferred Embodiment
In the third preferred embodiment of this invention, the framework of the secure group network system 8 is the same as that of Figure 3, and the internal block frameworks of the KDC 80 and the communication device 30 included in each member are the same as those of the first preferred embodiment. Member A and member B are originally included in a secure group. Member C and member D are included in another secure group. Moreover, members A, B, C and D as a whole are further included in another larger secure group. In the situation depicted in this embodiment, the flow steps executed are those when a member who is not the group initiator (exemplified as member B in this embodiment) intends to leave the original larger secure group.
Referring to Figure 9, in this embodiment, members A, B, C and D already formed a secure group at this time. When member B intends to leave the group, member B will first issue a leave request to member A (step 601 ). After member A receives the leave request, member A will transmit a group initiation request to the KDC 80 as a notification of forming a new secure group (step 602). After the KDC 80 receives the group initiation request, the KDC 80 will first generate a new secure group key KaCd (step 603), and according to the members A, C and D of the secure group to be formed, subsequently search pre-formed secure group keys through the flow of the aforesaid steps 4030 to 4034 (Figure 7), thus finding a minimum number of keys, which are Ka and KCd in this embodiment, that can protect members A, C, D of the new secure group (step 604). The new secure group key KaCd is then embedded into two correspondingly generated secure tickets Ta and TCd (step 605). The two secure tickets Ta and Tcd are encrypted using the key K3 and key Kod respectively to form encrypted information Ka(Ta) and KCd(TCCι), which are transmitted to member A (step 606). At the same time, the KDC 80 will display the generated tickets and all group members corresponding thereto on any device or medium capable of presenting data, such as an electronic display device or an electronic storage medium capable of recording data, as shown in Figure 13.
In step 607, after member A receives the encrypted information Ka(Ta) and KCd(TOd), the encrypted information Ka(Ta) is decrypted using the internally stored key Ka to extract from the secure ticket T3 the new secure group key Kacd, which is subsequently stored by member A.
Thereafter, in steps 608 and 609, member A distributes the encrypted information KCd(TCd) to member C and member D. When member C and member D receive the encrypted information KCd(TCd), member C and member D will decrypt the encrypted information Kcd(Tcd) using the corresponding key KCd to extract from the secure ticket Ted the new secure group key KaCd, which is subsequently stored thereby (steps 610 and 611 ).
Accordingly, members A, C and D of the new secure group have completed the flow for secure update of the new secure group key Kacd, and all members of the new secure group can begin to conduct secure communication. Fourth Preferred Embodiment
In the fourth preferred embodiment of this invention, the framework of the secure group network system 8 is the same as that of Figure 3, and the internal block frameworks of the KDC 80 and the communication device 30 included in each member are the same as those of the first preferred embodiment. Member A and member B are originally included in a secure group. Member C and member D are included in another secure group. Moreover, members A, B, C and D as a whole are further included in another larger secure group. In the situation depicted in this embodiment, the flow steps of group change executed are those when a group initiator (exemplified as member A in this embodiment) intends to leave the original larger secure group. Referring to Figure 10, when member A intends to leave the original secure group, member A will first issue a leave request in step 701 to the KDC 80 so as to notify the KDC 80 of its leaving the original secure group and so as to designate a new group initiator. Aside from a command to request the generation of a new secure group key, the leave request further includes data of the newly designated group initiator. In this embodiment, the newly designated group initiator is member B. Then, in step 702, the KDC 80 generates a new secure group key Kbcd according to the command requesting the generation of the new secure group key, and according to the existing secure group keys, finds a minimum number of keys, which are Kb and KCd in this embodiment, needed to form a minimum number of secure tickets that can protect members B, C and D in the new secure group through the flow of the aforesaid steps 4030 to 4034 (see Figure 7) (step 703), and generates corresponding secure tickets Tb and Tocj each of which includes the new secure group key KbCd (step 704). The two secure tickets Tb and Ted are encrypted using the key Kb and key KOd respectively to form encrypted information Kb(Tb) and KCd(TCd), which are transmitted to member B (step 705). At the same time, the KDC 80 will display the generated tickets and all group members corresponding thereto on any device or medium capable of presenting data, such as an electronic display device or an electronic storage medium capable of recording data, as shown in Figure 14.
In step 706, after member B receives the encrypted information Kb(Tb) and KCd(TCd), the encrypted information Kb(Tb) is decrypted using the internally stored key Kb to extract from the secure ticket Tb the new secure group key Kbcd, which is subsequently stored by member B. The encrypted information Kcd(Tcd) is transmitted to member C and member D (step 707 and step 708). When member C and member D receive the encrypted information KOd(TCd), member C and member D will decrypt the encrypted information KCd(TCd) using the internally stored key KCd to extract from the secure ticket TCd the new secure group key Kbcd, which is subsequently stored thereby (step 709 and step 710).
Accordingly, members B, C and D of the new secure group have completed the flow for secure update of the new secure group key Kbcd, and all members of the new secure group can begin to conduct secure communication.
In sum, in the method of the present invention, the secure keys of all members and secure groups will be stored in the KDC 80, and each member only stores the secure keys of involved secure groups and a personal key, which will not cause a storage burden of secure keys. Moreover, creating a minimum number of secure tickets that can protect all secure group members from originally existing secure group keys outperforms the prior art that requires the creation of a secure ticket for each member of a new secure group, where the number of created secure tickets and the computational amount of the KDC 80 can be reduced to lower the loading of the KDC 80 correspondingly, thereby achieving enhancement in efficiency of secure update of new secure group keys. While the present invention has been described in connection with what are considered the most practical and preferred embodiments, it is understood that this invention is not limited to the disclosed embodiments but is intended to cover various arrangements included within the spirit and scope of the broadest interpretation so as to encompass all such modifications and equivalent arrangements.
Industrial Applicability
The present invention can be applied to a method of generating secure tickets for a new secure group, a method of secure group communication, a computing device having a recording medium, and a network system.

Claims

C LA I M S
1. A method of generating secure tickets for a new secure group, which is applied when a change occurs in a plurality of existing secure groups to form a new secure group, each of the existing secure groups including at least one member and having a corresponding dedicated group key; the method comprising the following steps when a group change notification is received:
(A) generating a new secure group key according to the received group change notification; and
(B) according to the existing secure groups, finding a combination that can form the new secure group in a minimum selection of the existing secure groups, and according to the relationship in the combination, generating secure tickets whose number corresponds to that of selected secure groups, wherein each of the secure tickets has the new secure group key.
2. The method of generating secure tickets for a new secure group as claimed in claim 1 , wherein, in step (A), the group change notification was issued by a member of an existing secure group who acts as a group initiator, the notification including a group initiation request with a new secure group member list upon which the new secure group key applicable to all members in the member list is generated.
3. The method of generating secure tickets for a new secure group as claimed in claim 2, wherein, prior to the transmission of the group initiation request in step (A), the method further comprises a step of receiving a group join request sent by a member intending to join the group to the group initiator.
4. The method of generating secure tickets for a new secure group as claimed in claim 2, wherein, prior to the transmission of the group initiation request in step (A), the method further comprises a step of receiving a group leave request sent by a member intending to leave an original secure group to the group initiator.
5. The method of generating secure tickets for a new secure group as claimed in claim 2, wherein, in step (A), the group change notification further includes a new group initiator designation message for designating a new group initiator.
6. The method of generating secure tickets for a new secure group as claimed in claim 5, wherein, in step (B), a plurality of messages each of which contains a corresponding secure ticket and is encrypted using a corresponding group key in the selected secure groups are generated, the encrypted messages being first delivered to the new group initiator and subsequently being distributed to other corresponding members of the new secure group, where the new secure group key can be obtained after decryption using the corresponding group key.
7. The method of generating secure tickets for a new secure group as claimed in claim 2, wherein, in step (B), a plurality of messages each of which contains a corresponding secure ticket and is encrypted using a corresponding group key in the selected secure groups are generated, the encrypted messages being first delivered to the group initiator and subsequently being distributed to other corresponding members of the new secure group, where the new secure group key can be obtained after decryption using the corresponding group key.
8. The method of generating secure tickets for a new secure group as claimed in claim 1 , wherein, in step (B), the generation of the secure tickets whose number corresponds to that of the selected secure groups includes the following sub-steps:
(B1 ) discovering existing group keys; (B2) performing an arrangement of the group keys according to the number of members protected by each group key;
(B3) determining if all members of the new secure group have already been included; generating secure tickets whose number corresponds to that of the selected secure groups, if the result is yes; executing step (B4) if the result is no; and
(B4) selecting a group key from existing group keys according to the arrangement so that the accumulated number of members under protection most approximates that of the new secure group, and returning to step (B3).
9. A method of secure group communication using pre-formed keys to create secure tickets, which is adapted for use in a network, the network having at least one secure group, the secure group including at least one member and having a corresponding dedicated key, the method including the following steps: (A) issuing a group change notification when a group change occurs in the secure groups, the group change notification being used to generate a new secure group key applicable to all group members of a new secure group;
(B) according to the pre-formed keys, generating a minimum number of secure tickets that can protect all group members of the new secure group, wherein each of the secure tickets has the new secure group key; and
(C) respectively transmitting to all members of the new secure group a plurality of messages each of which contains a corresponding secure ticket and is encrypted using a corresponding key, the encrypted messages being used to securely conduct update procedure of the new secure group key among all members of the new secure group.
10. The method of secure group communication using pre-formed keys to create secure tickets as claimed in claim 9, wherein one member is a group initiator, and the group change notification issued by the group initiator in step (A) includes a group initiation request that has a new secure group member list upon which the new secure group key applicable to all members in the member list is generated.
11 . The method of secure group communication using pre-formed keys to create secure tickets as claimed in claim 10, wherein, prior to the transmission of the group initiation request in step (A), the method further comprises a step of receiving a group join request sent by a member intending to join the group to the group initiator.
12. The method of secure group communication using pre-formed keys to create secure tickets as claimed in claim 10, wherein, prior to the transmission of the group initiation request in step (A), the method further comprises a step of receiving a group leave request sent by a member intending to leave an original secure group to the group initiator.
13. The method of secure group communication using pre-formed keys to create secure tickets as claimed in claim 10, wherein, in step (A), the group change notification further includes a new group initiator designation message for designating a new group initiator.
14. The method of secure group communication using pre-formed keys to create secure tickets as claimed in claim 9, wherein, in step (B), the generation of the minimum number of secure tickets that can protect all group members of the new secure group includes the following sub-steps:
(B1 ) discovering the pre-formed keys; (B2) performing an arrangement of the pre-formed keys according to the number of members protected by each key;
(B3) determining if all members of the new secure group have already been included; generating secure tickets whose number corresponds to that of the selected keys, if the result is yes; executing step (B4) if the result is no; and
(B4) selecting a key from the pre-formed keys according to the arrangement so that the accumulated number of members under protection most approximates that of the new secure group, and returning to step (B3).
15. The method of secure group communication using pre-formed keys to create secure tickets as claimed in claim 9, the secure group including a group initiator, wherein, in step (C), securely conducting the update procedure of the new secure group key among all members of the new secure group includes: transmitting the plurality of encrypted messages to the group initiator for subsequent distribution to other corresponding members of the new secure group, where the new secure group key can be obtained after decryption using the corresponding key.
16. A computing device having a recording medium for creating secure tickets using pre-formed keys to ensure security of group communication, said device executing the following steps:
(A) according to the receipt of a group change notification, generating a new secure group key applicable to all group members of a new secure group;
(B) according to the pre-formed keys, generating a minimum number of secure tickets that can protect all group members of the new secure group, wherein each of the secure tickets has the new secure group key; and
(C) respectively outputting to all members of the new secure group a plurality of messages each of which contains a corresponding secure ticket and is encrypted using a corresponding key, the encrypted messages being used to securely conduct update procedure of the new secure group key among all members of the new secure group.
17. The computing device having a recording medium as claimed in claim 16, wherein, in step (A), the group change notification includes a group initiation request having a new secure group member list upon which the new secure group key applicable to all members in the member list is generated.
18. The computing device having a recording medium as claimed in claim 16, wherein, in step (B), the generation of the minimum number of secure tickets that can protect all group members of the new secure group includes the following sub-steps: (B1 ) discovering the pre-formed keys;
(B2) performing an arrangement of the pre-formed keys according to the number of members protected by each key;
(B3) determining if all members of the new secure group have already been included; generating secure tickets whose number corresponds to that of the selected keys, if the result is yes; executing step (B4) if the result is no; and
(B4) selecting a key from the pre-formed keys according to the arrangement so that the accumulated number of members under protection most approximates that of the new secure group, and returning to step (B3).
19. The computing device having a recording medium as claimed in claim 16, wherein, in step (B) for the generated minimum number of secure tickets that can protect all group members of the new secure group, information of all included group members and the secure tickets thus generated are displayed in an electronic data form on any electronic display device that can display data.
20. The computing device having a recording medium as claimed in claim 16, wherein, in step (B) for the generated minimum number of secure tickets that can protect all group members of the new secure group, information of all included group members and the secure tickets thus generated are stored in an electronic data form in an electronic storage medium.
21. A server device to be included in a secure group network system for establishing network connections among secure groups, said server device comprising: a key database for storing keys; a key generating unit for generating a new secure group key; a secure ticket generating unit for generating secure tickets; and a processing unit for coordinating the operations of the above units; said processing unit being used to receive a group change notification for instructing said key generating unit to generate a new secure group key; said processing unit subsequently finding from said key database a minimum number of keys that can protect all group members of a new secure group, and sending the new secure group key to said secure ticket generating unit for generating secure tickets whose number corresponds to the minimum number of keys and embedding the new secure group key in each secure ticket.
22. The server device as claimed in claim 21 , further comprising a security unit for sending out the secure tickets after encryption using a corresponding key.
23. The server device as claimed in claim 21 , wherein the group change notification includes a group initiation request containing a new secure group member list upon which said key generating unit depends to generate the new secure group key applicable to all members in the member list.
24. A secure group network system constructed in an Internet environment, and comprising: at least one secure group having a network connection to the
Internet; and a central key distribution center having a network connection to the Internet and having a key of the secure group; wherein, when a group change occurs in the secure group to form a new secure group, the secure group issues a group change notification to the central key distribution center for instructing the central key distribution center to generate a new secure group key applicable to all new group members of the new secure group, to generate a minimum number of secure tickets that can protect all group members of the new secure group, where each of the secure tickets contains the new secure group key and to respectively transmit to all members of the new secure group a plurality of messages each of which contains a corresponding secure ticket and that is encrypted using a corresponding key so that update of the new secure group key among all members of the secure group can be securely conducted.
25. The secure group network system as claimed in claim 24, wherein the secure group has a group initiator for issuing the group change notification, and the group change notification includes a group initiation request that has a new secure group member list.
26. The secure group network system as claimed in claim 25, wherein, prior to the transmission of the group initiation request, the group change notification further includes a group join request sent by a member intending to join the group to the group initiator.
27. The secure group network system as claimed in claim 25, wherein the group change further includes, prior to the transmission of the group initiation request, the group change notification further includes a leave request sent by a member intending to leave to the group initiator.
28. The secure group network system as claimed in claim 27, wherein the member intending to leave is the group initiator.
29. The secure group network system as claimed in claim 28, wherein the group change notification further includes a new group initiator designation message for designating a new group initiator.
PCT/JP2007/058692 2006-04-20 2007-04-17 Method of generating secure tickets for a new secure group, method of secure group communication, computing device having a recording medium, and network system WO2007123224A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNA200610075537XA CN101060398A (en) 2006-04-20 2006-04-20 A new safety group safety certificate generating method, communication method, and network system
CN200610075537.X 2006-04-20

Publications (1)

Publication Number Publication Date
WO2007123224A1 true WO2007123224A1 (en) 2007-11-01

Family

ID=38222484

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2007/058692 WO2007123224A1 (en) 2006-04-20 2007-04-17 Method of generating secure tickets for a new secure group, method of secure group communication, computing device having a recording medium, and network system

Country Status (2)

Country Link
CN (1) CN101060398A (en)
WO (1) WO2007123224A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9807067B1 (en) * 2015-12-18 2017-10-31 Wickr Inc. Decentralized authoritative messaging
DE102016222523A1 (en) * 2016-11-16 2018-05-17 Siemens Aktiengesellschaft Method and device for transmitting data in a topic-based publish-subscribe system
EP3358802A1 (en) * 2017-02-03 2018-08-08 Insta GmbH Method for securely providing a cryptographic key

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103582157B (en) * 2012-07-18 2016-09-14 电信科学技术研究院 Parameter Notification Method, equipment and system
CN112422282B (en) * 2020-11-18 2022-03-18 中国电子科技集团公司第三十研究所 Centralized efficient group session key management method
CN113411540B (en) * 2021-06-21 2023-01-31 随锐科技集团股份有限公司 Control method and system for participants of video conference

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020147906A1 (en) * 2001-01-26 2002-10-10 International Business Machines Corporation Method for broadcast encryption and key revocation of stateless receivers
WO2006054927A1 (en) * 2004-11-16 2006-05-26 Telefonaktiebolaget Lm Ericsson (Publ) Improved key distribution in systems for selective access to information
US7065643B1 (en) * 2000-03-28 2006-06-20 Motorola, Inc. Network compromise recovery methods and apparatus

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7065643B1 (en) * 2000-03-28 2006-06-20 Motorola, Inc. Network compromise recovery methods and apparatus
US20020147906A1 (en) * 2001-01-26 2002-10-10 International Business Machines Corporation Method for broadcast encryption and key revocation of stateless receivers
WO2006054927A1 (en) * 2004-11-16 2006-05-26 Telefonaktiebolaget Lm Ericsson (Publ) Improved key distribution in systems for selective access to information

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
CHUNG KEI WONG ET AL: "Secure Group Communications Using Key Graphs", IEEE / ACM TRANSACTIONS ON NETWORKING, IEEE / ACM, NEW YORK, NY, US, vol. 8, no. 1, February 2000 (2000-02-01), XP011038845, ISSN: 1063-6692 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9807067B1 (en) * 2015-12-18 2017-10-31 Wickr Inc. Decentralized authoritative messaging
US10044688B2 (en) 2015-12-18 2018-08-07 Wickr Inc. Decentralized authoritative messaging
US10142300B1 (en) 2015-12-18 2018-11-27 Wickr Inc. Decentralized authoritative messaging
DE102016222523A1 (en) * 2016-11-16 2018-05-17 Siemens Aktiengesellschaft Method and device for transmitting data in a topic-based publish-subscribe system
US11201733B2 (en) 2016-11-16 2021-12-14 Siemens Aktiengesellschaft Method and device for transferring data in a topic-based publish-subscribe system
EP3358802A1 (en) * 2017-02-03 2018-08-08 Insta GmbH Method for securely providing a cryptographic key
DE102017102142A1 (en) 2017-02-03 2018-08-09 Insta Gmbh Method for the secure provision of a cryptographic key

Also Published As

Publication number Publication date
CN101060398A (en) 2007-10-24

Similar Documents

Publication Publication Date Title
CN111222165B (en) Multi-party computing method, device, equipment and medium based on block chain
US9467282B2 (en) Encryption scheme in a shared data store
US9158925B2 (en) Server-aided private set intersection (PSI) with data transfer
CA3166915A1 (en) Deanonymization method and system using blockchain-based and secret sha ring technologies
CN109784931B (en) Query method of data query platform based on blockchain
KR101982237B1 (en) Method and system for data sharing using attribute-based encryption in cloud computing
US20020064283A1 (en) Method and system for object encryption using transparent key management
CN109543434B (en) Block chain information encryption method, decryption method, storage method and device
CN111611623B (en) Private data processing method and device
US11075753B2 (en) System and method for cryptographic key fragments management
KR101615137B1 (en) Data access method based on attributed
US20040037424A1 (en) Information distribution and processing
US10762235B2 (en) Methods, systems, and media for storing and retrieving data from distributed vaults
CN108199838B (en) Data protection method and device
WO2007123224A1 (en) Method of generating secure tickets for a new secure group, method of secure group communication, computing device having a recording medium, and network system
Lee et al. A secure index management scheme for providing data sharing in cloud storage
EP2713545A1 (en) Data sharing system, data distribution system and data protection method
JP2004234344A (en) Database access system
KR20210020699A (en) Method for performing backup and recovery private key in consortium blockchain network, and device using them
Kaushik et al. Secure cloud data using hybrid cryptographic scheme
KR102293610B1 (en) Secure instant messaging method and attaratus thereof
CN114629620A (en) Homomorphic encryption calculation method and system, homomorphic request, calculation and key system
WO2016136201A1 (en) Confidential search system, server device, confidential search method, search method, and recording medium
CN112187456A (en) Key hierarchical management and collaborative recovery system and method
CN103597864B (en) Access control

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07742127

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07742127

Country of ref document: EP

Kind code of ref document: A1