Group Key Manager 

Professor:  Gene Itkis

Student:      Hani Hamandi



The goal of this project is to enable secret group communication. By "group" we mean any group of users, whether it is a multicast group, a chat group, the current pay-TV subscribers group, etc. To achieve this, messages need to be encrypted with a group key K. The question that naturally arises is how to add and remove users from the group while maintaining secrecy at all times. In other words, we would like to maintain the invariant that the current group key is known to all current group members and only to them.

Upon addition of a new user u, K must be communicated to u. Note that once u holds K, it can read all past group communications that were encrypted with K. So the question is: upon addition of a new user u, do we want to hide the past from u? If yes, then K must be changed before setting up u.

Deletion is more problematic. When a user u is deleted from the group, we need to hide future communications from u. To do that, again, the group key K needs to be changed. This problem is known as "User Revocation" or "Black Listing". It matters most in applications where only paying customers are allowed to receive group transmissions. This project is an implementation based on [Wallner, et al], [Canetti, et al] and some ideas proposed by Professor Itkis. Since his scheme is based on Wallner's scheme, it is a good idea to start by describing Wallner's scheme.
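The add and delete rules above can be checked with a small model. This is an added example, not the project's code: the class, its method names and the two policy flags are hypothetical, and it assumes each member has a private channel to the manager over which a new K is delivered. It tracks only who holds which key, not the encryption itself.

```python
import secrets

class GroupKeyManager:
    """Toy model of the invariant: current K is known to current members only."""

    def __init__(self, hide_past=True, rekey_on_delete=True):
        self.hide_past = hide_past
        self.rekey_on_delete = rekey_on_delete
        self.members = set()
        self.known = {}                    # user -> every group key the user was ever given
        self.K = secrets.token_bytes(16)   # current group key
        self.log = []                      # (key used, message label)

    def _rekey(self):
        # Replace K and hand the new key to current members only.
        # Assumption: each member has a private channel to the manager.
        self.K = secrets.token_bytes(16)
        for u in self.members:
            self.known[u].add(self.K)

    def add(self, u):
        if self.hide_past:
            self._rekey()                  # change K before setting up u
        self.members.add(u)
        self.known.setdefault(u, set()).add(self.K)

    def delete(self, u):
        self.members.discard(u)
        if self.rekey_on_delete:
            self._rekey()                  # u already left members, so u never gets the new K

    def send(self, label):
        self.log.append((self.K, label))

    def readable_by(self, u):
        return [m for k, m in self.log if k in self.known.get(u, set())]

    def invariant_holds(self):
        holders = {u for u, keys in self.known.items() if self.K in keys}
        return holders == self.members

def scenario(**policy):
    # Constructed sequence: two members, a late joiner, then a deletion.
    g = GroupKeyManager(**policy)
    g.add("alice"); g.add("bob"); g.send("m1")
    g.add("carol"); g.send("m2")
    g.delete("bob"); g.send("m3")
    return g
```

With `rekey_on_delete=False` the deleted user still holds the current K, so `invariant_holds()` returns `False` and the user can read `m3`.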



[1] Professor Gene Itkis.
[2] R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor, and B. Pinkas, "Multicast Security: A Taxonomy and Efficient Authentication", IEEE INFOCOM-99.
[3] D.M. Wallner, E.J. Harder and R.C. Agee, "Key Management for Multicast: Issues and Architectures", draft-wallner-key-arch-00.txt.

Most work on this project was performed in the year 2000.