Scalable Multicast Key Distribution
RFC 1949 Scalable Multicast Key Distribution May 1996
Unlike many network layer protocols, the Core Based Tree (CBT)
multicast protocol [4] makes explicit provision for security: it has
its own protocol header, which existing IP multicast schemes [10,11]
and other recently proposed schemes [12] do not.
In this document we describe how the CBT multicast protocol can
provide for the secure joining of a CBT group tree, and how this same
process can provide a scalable solution to the multicast key
distribution problem. These security services are an integral part
of the CBT protocol [4]. Their use is optional, and is dependent on
each individual group's requirements for security. Furthermore, the
use of the CBT multicast protocol for multicast key distribution does
not preclude the use of other multicast protocols for the actual
multicast communication itself, that is, CBT need only be the vehicle
with which to distribute keys.
Secure joining implies the provision for authentication, integrity,
and optionally, confidentiality, of CBT join messages. The scheme we
describe provides for the authentication of tree nodes (routers) and
receivers (end-systems) as part of the tree joining process. Key
distribution (optional) is an integral part of secure joining.
Network layer multicast protocols such as DVMRP [7] and M-OSPF [9]
have no protocol header of their own, and so cannot provide security
themselves; they must rely on whatever security is provided by IP
itself. Multicast key distribution is not addressed to any
significant degree by the new IP security architecture [2].
The CBT security architecture is independent of any particular
cryptotechniques, although many security services, such as
authentication, are easier if public-key cryptotechniques are
employed.
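The following is an added illustration written for this page; it is not part of RFC 1949 and does not reproduce CBT's actual message formats. It sketches the secure-join exchange described above: the joining router signs its join request, the on-tree node (the core, or a router already on the tree) checks the joiner against a membership list and verifies the signature before answering, and the acknowledgement carries the group key wrapped to the joiner's public key and is itself signed, so both sides are authenticated, the messages are integrity-protected, and the key is delivered confidentially as part of the join. RSA (PSS for signatures, OAEP for key wrapping), the field layout, the names "router-a" and the core, the group address and the group key are all assumptions of this example; the RFC itself leaves the cryptotechniques open.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// JoinRequest: the joiner's signed request to be grafted onto the shared tree
// for Group. The field layout is an illustration, not CBT's real protocol header.
type JoinRequest struct {
	Group, Joiner string
	Nonce         [16]byte // fresh per request; the ack must echo it
	Sig           []byte   // joiner's RSA-PSS signature over the fields above
}

// JoinAck: the on-tree node's signed reply. WrappedKey is the group key
// RSA-OAEP encrypted to the joiner's public key, so only that joiner can read it.
type JoinAck struct {
	Group, Joiner string
	Nonce         [16]byte
	WrappedKey    []byte
	Sig           []byte
}

// canonical length-prefixes each field so ("ab","c") and ("a","bc") never sign alike.
func canonical(parts ...[]byte) (out []byte) {
	for _, p := range parts {
		n := len(p)
		out = append(append(out, byte(n>>24), byte(n>>16), byte(n>>8), byte(n)), p...)
	}
	return out
}
func (r *JoinRequest) signedBytes() []byte {
	return canonical([]byte("JOIN_REQUEST"), []byte(r.Group), []byte(r.Joiner), r.Nonce[:])
}
func (a *JoinAck) signedBytes() []byte {
	return canonical([]byte("JOIN_ACK"), []byte(a.Group), []byte(a.Joiner), a.Nonce[:], a.WrappedKey)
}
func sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	h := sha256.Sum256(msg)
	return rsa.SignPSS(rand.Reader, priv, crypto.SHA256, h[:], nil)
}
func verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	h := sha256.Sum256(msg)
	return rsa.VerifyPSS(pub, crypto.SHA256, h[:], sig, nil) == nil
}

// NewJoinRequest builds the first message on the joiner (router or end-system) side.
func NewJoinRequest(joiner string, key *rsa.PrivateKey, group string) (*JoinRequest, error) {
	req := &JoinRequest{Group: group, Joiner: joiner}
	if _, err := rand.Read(req.Nonce[:]); err != nil {
		return nil, err
	}
	sig, err := sign(key, req.signedBytes())
	req.Sig = sig
	return req, err
}

// ProcessAck accepts the ack only if it answers this exact request and is signed
// under nodePub (assumed known out of band, e.g. from a certificate), then unwraps the key.
func ProcessAck(key *rsa.PrivateKey, req *JoinRequest, ack *JoinAck, nodePub *rsa.PublicKey) ([]byte, error) {
	if ack.Group != req.Group || ack.Joiner != req.Joiner || ack.Nonce != req.Nonce ||
		!verify(nodePub, ack.signedBytes(), ack.Sig) {
		return nil, fmt.Errorf("ack rejected: does not match request or signature invalid")
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, key, ack.WrappedKey, []byte(ack.Group))
}

// TreeNode is an on-tree router: the core, or a router that has already joined.
type TreeNode struct {
	Key        *rsa.PrivateKey
	Authorized map[string]*rsa.PublicKey // joiner name -> public key (assumed group policy)
	GroupKeys  map[string][]byte         // group address -> current group key
}

// HandleJoin authenticates the joiner before anything else, so a forged or
// unauthorized request is refused without even learning whether the group exists.
func (t *TreeNode) HandleJoin(req *JoinRequest) (*JoinAck, error) {
	pub, ok := t.Authorized[req.Joiner]
	if !ok || !verify(pub, req.signedBytes(), req.Sig) {
		return nil, fmt.Errorf("join from %q rejected: unauthorized or bad signature", req.Joiner)
	}
	gk, ok := t.GroupKeys[req.Group]
	if !ok {
		return nil, fmt.Errorf("unknown group %q", req.Group)
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, gk, []byte(req.Group))
	if err != nil {
		return nil, err
	}
	ack := &JoinAck{Group: req.Group, Joiner: req.Joiner, Nonce: req.Nonce, WrappedKey: wrapped}
	ack.Sig, err = sign(t.Key, ack.signedBytes())
	return ack, err
}

func main() {
	jk, _ := rsa.GenerateKey(rand.Reader, 2048) // joiner key pair (assumed pre-provisioned)
	nk, _ := rsa.GenerateKey(rand.Reader, 2048) // core key pair
	core := &TreeNode{Key: nk, Authorized: map[string]*rsa.PublicKey{"router-a": &jk.PublicKey},
		GroupKeys: map[string][]byte{"224.0.1.20": []byte("constructed 32-byte group key...")}}
	req, _ := NewJoinRequest("router-a", jk, "224.0.1.20")
	if ack, err := core.HandleJoin(req); err == nil {
		fmt.Println(ProcessAck(jk, req, ack, &nk.PublicKey))
	}
}
```

Two design points worth noting. The on-tree node checks authorization and the signature before it looks up the group, so an unauthenticated sender learns nothing about which groups exist; and the ack echoes the request's nonce and is bound to the joiner's name, so an ack captured for one join cannot be replayed in answer to another, even though the wrapped key inside it would be useless to anyone but the named joiner anyway.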
What follows is an overview of CBT multicasting. The description of
our proposal in section 6.1 assumes the reader is reasonably familiar
with the CBT protocol. Details of the CBT architecture and protocol
can be found in [7] and [4], respectively.
2. Overview of CBT Multicasting
CBT is a new architecture for local and wide-area IP multicasting,
unique in using just one shared delivery tree per group, as opposed
to the source-based delivery trees built by existing IP multicast
schemes such as DVMRP and M-OSPF.
A shared multicast delivery tree is built around several so-called
core routers. A group receiver's local multicast router is required
to explicitly join the corresponding delivery tree after receiving an
Ballardie Experimental