Sempre: Secure Multicast Architecture Using Proxy Re-Encryption

The goal of a secure multicast communication environment is to ensure that only valid members belonging to the multicast group can decrypt data. A simple solution adopted by many previous studies is to use a "group key" that is shared by all group members. The sender uses the group key to encrypt the multicast data, and the receivers decrypt the data with the same key. However, the procedure may incur the so-called "1 affects n problem", whereby the action of one member affects the whole group. This is the source of scalability problems. Moreover, from an administrative perspective, it is desirable to confine the impact of membership changes to a local area. In this paper, we propose a novel secure multicast architecture that reduces the impact of the 1 affects n problem significantly by exploiting a cryptographic primitive, "proxy re-encryption". Therefore, we call the proposed secure multicast architecture Sempre (SEcure Multicast architecture using Proxy Re-Encryption). Proxy re-encryption allows intermediate routers to convert the ciphertext encrypted with one key to ciphertext encrypted with another key, without revealing the private key or the plaintext. If the intermediate routers are given proper keys, they can provide separation between subgroups and thereby achieve the goals of scalability and containment. Successful containment reduces the 1 affects n problem significantly. We also compare several related schemes, and discuss some security problems that we identified in them. Existing schemes that use similar techniques only use asymmetric-key algorithms, but the computational costs of the algorithms mean that the schemes are infeasible in practice. Our scheme combines asymmetric-key and symmetric-key algorithms, so it is practical for real-world applications.