Distributed Collaborative Key Agreement Protocols for Dynamic Peer Groups

We consider several distributed collaborative key agreement protocols for dynamic peer groups. This problem has several important characteristics which make it different from traditional secure group communication. They are (1) distributed nature in which there is no centralized key server, (2) collaborative nature in which the group key is contributory; i.e., each group member will collaboratively contribute its part to the global group key, and (3) dynamic nature in which existing members can leave the group while new members may join. Instead of performing individual rekey operations, i.e., recomputing the group key after every join or leave request, we consider an interval-based approach of rekeying. In particular, we consider three distributed algorithms for updating the group key: (1) the Rebuild algorithm, (2) the Batch algorithm, and (3) the Queue-batch algorithm. Performance of these distributed algorithms under different settings, such as different join and leave probabilities, is analyzed. We show that these three distributed algorithms significantly outperform the individual rekey algorithm, and that the Queue-batch algorithm performs the best among the three distributed algorithms. Moreover, the Queue-batch algorithm has the intrinsic property of balancing the computation/communication workload such that the dynamic peer group can quickly begin secure group communication. This provides a fundamental understanding about establishing a collaborative group key for a distributed dynamic peer group.