Abstract

Scalable group rekeying schemes proposed in the literature can be classified into two categories, based on the keys used to encrypt the key encryption keys (KEK) and the group key. Logical key hierarchy (LKH) based approaches use KEKs sent in a rekeying message to encrypt the KEKs to be sent in the next rekeying message. Thus LKH is a stateful rekeying algorithm, with the disadvantage that a member that goes offline during a rekeying instance cannot recover any future keys. Stateless rekeying algorithms, such as subset difference based member revocation (SDR) mechanism, on the other hand use keys sent during member registration to send KEKs and the group key. Thus members going offline can decrypt future KEKs without having to consult the group manager. SDR rekeying is dependent on the membership during an entire session whereas LKH rekeying is dependent on membership of the group during a rekeying instance.