Introduction
Hey Readers!!
Welcome back to another article on topics related to Cryptography.
What is Cryptography?
Cryptography is the technique for securing communication between the sender and the receiver.
In this article, you'll learn about Re-keying and the Logical Key Hierarchy in Cryptography.
Let’s begin!!
Re-keying
Let's understand re-keying by taking an example.
Consider a collection of network users whose membership keeps changing, which we call U, and an online TA (which, in a session key distribution scheme, is assumed to share a secret key with every network user). The TA may wish to broadcast messages to all group members, but users may join or leave the group over time. Each user has a copy of the group key, which is used to encrypt communications to the group. Users also hold additional long-lived keys, known as LL-keys, which are used to update the system when the group changes over time. During the key predistribution phase, which initializes the system, the TA distributes LL-keys and an initial group key to the network users.
When a new user joins the group and is given a copy of the current group key along with the required long-lived keys, this is known as a user join operation. When a user U leaves the group, a user revocation operation is required to remove that user. The remaining users are then those in U \ {U}, that is, the group without the departing user.
The user revocation action will create a new group key.
This is an example of re-keying. In addition, updating LL-keys can be necessary as part of the user revocation action.
The following are the criteria used to examine the multicast Re-keying scheme:
1. Communication and storage complexity
This covers the size of secret LL-keys that users must retain and the size of broadcasts necessary for key updates.
2. Security
In this case, the main concern is security against revoked users and against groups made up of revoked users. Also, remember that a user whose access has been revoked has access to more data than someone who has never been a member of the group. So if we achieve security against revoked users, security against outsiders follows naturally.
3. Flexibility of user revocation
An important factor to consider is the flexibility and effectiveness of user revocation actions. For instance, it might be necessary to revoke users one at a time. Multiple user revocation, however, might be possible in some designs. This would be more convenient, because users would not need to change their keys as often.
4. Flexibility of user join
In some systems, any number of new users can easily be added. In other systems, adding new users may require a complete system re-initialization. When new users are expected to join the group, a flexible and effective user join procedure is desirable.
5. Efficiency of updating LL-keys
There are several options available here as well. It's possible that nothing has to be updated (the LL-keys are static). Alternatively, an effective update procedure may be needed to update LL-keys (e.g., via a broadcast). The worst-case scenario would be that, following a user revocation, the entire system would need to be reinitialized.
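The user join and user revocation operations described above, as an added example that is not code from the original article: the simplest re-keying scheme, in which each user holds one LL-key shared with the TA and the TA wraps the new group key once per remaining user. The choice of scheme, the names TA, wrap, unwrap and demo, and the HMAC-SHA256 wrap (a standard-library stand-in for an authenticated cipher) are assumptions made for illustration.

```python
import hashlib, hmac, secrets

KEY_LEN = 32  # bytes: group key and LL-keys are 256-bit

def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def wrap(ll_key, nonce, group_key):
    """Encrypt-then-MAC group_key under one LL-key (stdlib stand-in for an AEAD)."""
    pad = _prf(_prf(ll_key, b"enc"), nonce)
    ct = bytes(a ^ b for a, b in zip(group_key, pad))
    return ct + _prf(_prf(ll_key, b"mac"), nonce + ct)

def unwrap(ll_key, nonce, blob):
    """Return the group key, or None if blob was not wrapped under ll_key."""
    ct, tag = blob[:KEY_LEN], blob[KEY_LEN:]
    if not hmac.compare_digest(tag, _prf(_prf(ll_key, b"mac"), nonce + ct)):
        return None
    pad = _prf(_prf(ll_key, b"enc"), nonce)
    return bytes(a ^ b for a, b in zip(ct, pad))

class TA:
    def __init__(self):
        self.ll_keys = {}  # user id -> LL-key shared with the TA
        self.group_key = secrets.token_bytes(KEY_LEN)

    def join(self, user):
        """User join: issue an LL-key and the current group key (secure channel assumed)."""
        self.ll_keys[user] = secrets.token_bytes(KEY_LEN)
        return self.ll_keys[user], self.group_key

    def revoke(self, user):
        """User revocation: fresh group key, wrapped once per remaining user."""
        del self.ll_keys[user]
        self.group_key = secrets.token_bytes(KEY_LEN)
        nonce = secrets.token_bytes(16)
        return nonce, {u: wrap(k, nonce, self.group_key) for u, k in self.ll_keys.items()}

def demo(n=5):
    """Constructed run: n users join, user0 is revoked, everyone tries to re-key."""
    ta = TA()
    ll = {f"user{i}": ta.join(f"user{i}")[0] for i in range(n)}
    old_key = ta.group_key
    nonce, broadcast = ta.revoke("user0")
    recovered = {u: unwrap(ll[u], nonce, blob) for u, blob in broadcast.items()}
    # The revoked user tries its own LL-key against every broadcast entry.
    leaked = [unwrap(ll["user0"], nonce, blob) for blob in broadcast.values()]
    size = sum(len(blob) for blob in broadcast.values())
    return ta.group_key, old_key, recovered, leaked, size
```

The broadcast carries one 64-byte entry per remaining user, so in this scheme each user stores a single LL-key while the re-keying message grows linearly with the group size.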