Paper
review: Reliable Group Rekeying: A
Performance Analysis
Reviewer:
Kevin Hofstra
- What is the best way to
manage the distribution of group keys in secure group communication such
as teleconferencing or multiplayer games?
How must you deal with the constant entry and departure of key
holders? What are the performance
requirements of the key server, and what is the limit on the number of
group members?
- An evaluation of several
methods of key distribution, recoding efficiency, and transport. Analysis of the performance gains in the
combination of each self-optimal process.
3.
A. Reliable
rekey transport has 2 requirements:
i.
Eventual reliability.
The receiver must be able to eventually receive all of the keys. This is fundamental because this is the only
way that they can continue to be a part of the group.
ii.
Soft real-time requirement. The rekey transport must be finished by the
start of the next rekey interval (with at least a high probability). This is to ensure that the individual users
do not get out of synchronization with the rest of the group. Rekeying is dependant on having each key in
succession to find the next.
B.
The keygem group management
system is based upon the use of key trees.
This changes the rekeying problem to the log of the previous problem.
C.
Instead of rekeying on the occurrence of a entry or exit, they use periodic batch rekeying to improve
scalability and alleviate out of synchronization problems among rekey messages
as well as between rekey and data messages.
D.
The rekey workload has a sparseness factor. This means that each member of the group only
needs to receive a small fraction of the packers that carry a rekey message
sent by the key server.
- Critique the main
contribution
- Significance- 4 The
implementation of periodic batch rekeying makes the possibility of larger
groups and requires less resources for the key server. I feel that the evaluation of the
rekeying algorithms and the study into the reliability of key dispersal
belongs in a separate paper because even though it is related, it is not
breakthrough like the periodic batch rekeying and does not add much to
it.
- Convincing- 3
The key tree approach seams to solve some of the issues of the
forward access control problem, but I was unsure how reliably it works when
the latency between the key server and 2 host varies by a very large
amount. I was also unsure how the
periodic batch rekeying works when all group members must be restricted
by the latency of the slowest link and there are many group members
constantly leaving and entering.
- Systems annalists and
researchers should recognize that the combination of a few older ideas
with some breakthrough ideas can lead to very large performance gains. Many of the breakthrough ideas in this
paper were started by other research, but have been optimized through
further research. I think that this
paper shows that many simple ideas can be made better, although more
complicated, by combining new strategies.