High Performance, Robust and Secure Group Communication

About us
Technology Transfer
Secure Spread

A DARPA/ITO grant (May 2000 - September 2003) to Johns Hopkins Univesity with a subcontract to University of California, Irvine. A component of the DARPA Dynamic Coalitions effort. This grant is co-funded by the NSA.
Principal Investigator: Yair Amir. Co-PIs: Baruch Awerbuch and Jonathan Stanton. Subcontract PI: Gene Tsudik.

Research Activity



Related Papers

  • Scaling Secure Group Communication Systems: Beyond Peer-to-Peer
    In the Proceedings of DISCEX3 Washington DC, April 22-24, 2003. Obsoletes Technical Report CNDS-2002-3, October 2002. Y. Amir, C. Nita-Rotaru, J. Stanton and G. Tzudik
    This paper develops several integrated security architecture scenarios for client-server group communication systems. In an integrated architecture, security services are implemented in servers, in contrast to a layered architecture where the same services are implemented in clients. We discuss benefits and drawbacks of each proposed architecture and present experimental results that demonstrate the superior scalability of an integrated architecture.

  • On the Performance of Group Key Agreement Protocols
    Published in the Proceedings of the 22nd IEEE International Conference on Distributed Computing Systems (ICDCS), Vienna, Austria, July 2-5, 2002, short paper. A longer version is available as CNDS Technical Report 2001-5 . Y. Amir, Y. Kim, C. Nita-Rotaru and G. Tzudik
    This paper presents a performance evaluation of five notable key agreement protocols for peer groups, integrated with a reliable group communication system (Spread). They are: Centralized Group Key Distribution (CKD), Burmester-Desmedt (BD), Steer et al. (STR), Group Diffie-Hellman (GDH) and Tree-Based Group Diffie-Hellman (TGDH). The paper includes an in-depth comparison and analysis of conceptual results and is the first to report practical results in real-life local and wide area networks. Our analysis of these protocols' experimental results offers insights into their scalability and practicality.

  • Framework for Authentication and Access Control of Client-Server Group Communication Systems
    Published in the Proceedings of the Third International Workshop on Networked Group Communications, London, United Kingdom, November 7-9, 2001. A longer version is available as CNDS Technical Report 2001-2 . Y. Amir, C. Nita-Rotaru and J. Stanton
    In this paper we present a framework for integrating authentication and access control mechanisms and policies into a group communication system.

  • Communication-Efficient Group Key Agreement
    Published in IFIP -SEC 2001, June 2001. Y. Kim, A. Perring and G. Tsudik
    Most prior research in group key management focused on minimizing computational overhead stemming from expensive cryptographic operations whereas bandwidth and communication round complexity was of secondary concern. However, recent advances in computation have resulted in the network delay in wide area networks (WANs) being the primary cost factor in the performance of group key management protocols. In this paper, we reconsider a group key agreement protocol previously proposed by Steer, et al. in 1988. We extend it to handle dynamic groups and network faults such as topology partitions and merges. The resulting protocol suite is simple, provably secure, fault-tolerant, and particularly well-suited for applications in high-delay WANs.

  • Exploring Robustness in Group Key Agreement
    Published in Proceedings of the 21th IEEE International Conference on Distributed Computing Systems, Phoenix, Arizona, April 16-19, 2001, pp 399-408. A longer version is available as CNDS Technical Report 2000-4 . Yair Amir, Yongdae Kim, Cristina Nita-Rotaru, John Schultz, Jonathan Stanton and Gene Tsudik.
    In this paper we present Secure Spread, a secure version of the Spread Toolkit. Secure Spread is a group communication system that utilizes contributory group k ey management developed by the Cliques project and Blowfish symmetric encryption al gorithm. Its modular design allows drop-in replacement of encryption and/or key agreement protocol.

  • Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups
    Published in ACM CCS'2000, November 2000. Y. Kim, A. Perring and G. Tsudik
    Secure communication in peer groups is an increasingly popular research area having received much attention in recent years. The fun damental challenge revolves a round secure and efficient group key management. This work investigates a novel approach to group key agreement by blending binary key trees with Diffie-Hellman key exchange. The resultant protocol suite is very simple, secure and fault-tolerant.

  • The Cost of Adding Security Services to Group Communication Systems
    Technical Report CNDS-2000-3. Cristina Nita-Rotaru.
    In this paper we present Secure Spread, a secure version of the Spread Toolkit. Secure Spread is a group communication system that utilizes contributory group k ey management developed by the Cliques project and Blowfish symmetric encryption al gorithm. Its modular design allows drop-in replacement of encryption and/or key agreement protocol.


A practical group communication system should provide secure multicast services for peer groups over local and wide area networks. To support the environment described in the Dynamic Coalition program, such a system should scale to tens of coalition parties, with hundreds of servers, supporting thousands of users. This service is crucial for building distributed applications that work in dynamic environments and communicate over unsecured networks (e.g. the Internet). It is also important for enabling other infrastructures for these environments, such as replicated certification, highly available policy management, and high performance access control. A common claim is that a wide-area, secure group communication system with strict reliability semantics and strict security requirements cannot perform well enough to be practical. Therefore, some research is focused on different ways to relax either the security or the reliability requirements (or both). Based on our past and current work, we claim that with careful protocol design, a system that is limited to the size of the above peer groups can perform well without relaxing any of the security or reliability guarantees. This project enables us to built it.

Key innovations

  • Constructing group communication protocols that support wide and local area networks with tens of sites, hundreds of servers, and thousands of users.

  • Current key agreement protocols are not designed to tolerate failures and changes in the membership during their execution. Our protocols, in contrast, will be completely resilient to any sequence of such events. We believe this will be the first robust implementation of distributed key agreement protocols that provide perfect forward secrecy, group membership authentication, non-repudiation, and resilience to known-key attacks. ? The performance of a group key generation protocol is very dependent on the network structure, the relative power of machines, and the algorithm used. We do not think that there can be one key agreement protocol that outperforms all other protocols in all of the possible environments. Instead, we will develop several different algorithms, each optimized (performance-wise) for a different setting.

  • We will design and build a modular architecture that allows different security protocols to be plugged in. The architecture will switch protocols during execution in agreement with other members, so that the most suitable protocol for the current situation is invoked. The selection will be based on the current state of the network, available system resources, the number of members in the group, a user defined policy, etc.

  • The current state of the art in secure group communication implements security as a layer, separate from the reliability, ordering, and membership services. Although this structure has much merit, there is a high performance cost attached. We will build two versions of our system that share most of the code and infrastructure. The Layered Architecture version will have the security services provided on top of the reliability, ordering and membership services. The Integrated Architecture version will tailor the security protocols into the core reliability, ordering and membership services, drastically cutting the latency and bandwidth cost associated with group membership changes.

  • In a Dynamic Coalition environment, it is likely that each coalition party will retain its autonomy, which includes full control over its part of the infrastructure. This is in contrast to current group communication architectures that assume one administrative domain. Our system will allow multiple autonomous control domains, while still preserving the tightly coupled group communication semantics.

  • Our system will incorporate a new trust model and "trust ranking" algorithms, combining mutual respect values of group members into a consistent global trust vector. This vector is continuously updated in a distributed fashion as a result of ongoing interactions between members. The trust vector affects the allocation of resources in the group (who can multicast, how much), the selection of security protocols used, the admission/eviction of members, and other privileges.

Questions or comments to:
webmaster (at) dsn.jhu.edu
TEL: (410) 516-5562
FAX: (410) 516-6134
Distributed Systems and Networks Lab
Computer Science Department
Johns Hopkins University
3400 N. Charles Street Baltimore, MD 21218-2686