Definitions and bounds for self-healing key distribution schemes

Abstract

Self-healing key distribution schemes allow group managers to broadcast session keys to large and dynamic groups of users over unreliable channels. Roughly speaking, even if during a certain session some broadcast messages are lost due to network faults, the self-healing property of the scheme enables each group member to recover the key from the broadcast messages he/she has received before and after that session. Such schemes are quite suitable in supporting secure communication in wireless networks and mobile wireless ad-hoc networks. Recent papers have focused on self-healing key distribution, and have provided definitions and constructions. The contribution of this paper is the following: - We analyse current definitions of self-healing key distribution and, for two of them, we show that no protocol can achieve the definition. - We show that a lower bound on the size of the broadcast message, previously derived, does not hold. - We propose a new definition of self-healing key distribution, and we show that it can be achieved by concrete schemes. - We give some lower bounds on the resources required for implementing such schemes i.e., user memory storage and communication complexity. We prove that some of the bounds are tight. © Springer-Verlag Berlin Heidelberg 2004.