An improved key management scheme for large dynamic groups using one-way function trees

To achieve secure multicast communications, key management is one of the most critical problems that should be solved. So far, many multicast key management schemes have been proposed. In 1999, Balenson, McGrew, and Sherman proposed an efficient multicast key management scheme, the BMS scheme, based on one-way function trees. The number of broadcasts for a key updating operation is roughly proportional to the logarithm of group size. Recently, Horng showed that the BMS scheme is vulnerable to the collusion attack under a certain situation. In this paper, we further analyze the necessary conditions for mounting a collusion attack on the BMS scheme. Additionally, we describe an improved version of the BMS scheme. The improved scheme ensures none of the evictee and the new member can collude to get the group key that they should not know without incurring much additional computational overhead to the system.