Re: Hand Waving vs. Rigorous Analysis... (was Security Engineeringvs. Crypto Academics...)

From: Ernst Lippe (ernstl-at-planet-dot-nl_at_ignore.this)
Date: 09/15/04


Date: Wed, 15 Sep 2004 12:38:29 +0200

On Wed, 15 Sep 2004 06:35:06 +0000, Lassi Hippeläinen wrote:

> Ernst Lippe wrote:
> <...>
>> There are two major weaknesses in this system, and they are not at all
>> related to key management as I understand the term. First, permission
>> management for a large user group is very difficult from an
>> organizational point of view. Any modifications to the permission
>> databased should only be made by authorized personel.
>
> This is a real problem. The real fun begins, when support for dynamic
> membership is added to the game. New members may join the group in the
> middle of a session, and old members may be revoked. I haven't seen any
> working system where those actions could be done in real time. Usually the
> stream is broken to fragments with a separate key, and the keys are
> distributed to members as late as possible. Still there is a time window,
> when authorised recipients (the new members) can't receive the stream, and
> unauthorised ones (revoked members) can.

The only way that you can achieve this is by changing the keys
at very short intervals. Technically, it seems possible but it
would probably be expensive. I don't think that there
are many situations where these additional expenses could be
economically justified.

Ernst Lippe