Securing dynamic membership information in multicast communications

In secure multicast communications, key management schemes are employed to prevent unauthorized access to multicast content. Key management, however, can disclose the information about the dynamics of the group membership, such as the group size and the number of join and departure users, to both inside and outside attackers. This is a threat to applications with confidential group membership information. This paper investigates attack/anti-attack strategies for stealing/protecting group dynamic information in the existing key management schemes. We show that attackers can successfully acquire the membership information by exploiting the key updating procedure in popular centralized key management schemes. Particularly, we develop two attack strategies and demonstrate their effectiveness through simulations. Further, we propose an anti-attack technique utilizing hatch rekeying and phantom users, and derive performance criteria that describe the security level of the proposed scheme using mutual information. The proposed anti-attack scheme is evaluated based on the data obtained from real MBone sessions.