Information technology — Security techniques — Key management — Part 5: Group key management

ISO/IEC 11770-5:2011 specifies key establishment mechanisms for multiple entities to provide procedures for handling cryptographic keying material used in symmetric or asymmetric cryptographic algorithms according to the security policy in force. It defines the symmetric key based key establishment mechanisms for multiple entities with a key distribution centre (KDC), and defines symmetric key establishment mechanisms based on general tree based structure with both individual rekeying and batched rekeying. It also defines key establishment mechanisms based on key chain with both unlimited forward key chain and limited forward key chain. Both key establishment mechanisms can be combined by applications. ISO/IEC 11770-5:2011 also describes the required content of messages which carry keying material or are necessary to set up the conditions under which the keying material can be established.

Technologies de l'information — Techniques de sécurité — Gestion de clés — Partie 5: Gestion de clés de groupe

General Information

Status
Withdrawn
Publication Date
15-Dec-2011
Withdrawal Date
15-Dec-2011
Current Stage
9599 - Withdrawal of International Standard
Completion Date
10-Nov-2020
Ref Project

Relations

Buy Standard

Standard
ISO/IEC 11770-5:2011 - Information technology -- Security techniques -- Key management
English language
22 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 11770-5
First edition
2011-12-15


Information technology ― Security
techniques — Key management —
Part 5:
Group key management
Technologies de l'information ― Techniques de sécurité — Gestion de
clés —
Partie 5: Gestion de clés de groupe





Reference number
ISO/IEC 11770-5:2011(E)
©
ISO/IEC 2011

---------------------- Page: 1 ----------------------
ISO/IEC 11770-5:2011(E)

COPYRIGHT PROTECTED DOCUMENT


©  ISO/IEC 2011
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2011 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 11770-5:2011(E)
Contents Page
Foreword . iv
Introduction . v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Symbols and abbreviations . 4
5 Requirements . 5
6 Tree based key establishment mechanisms for multiple entities . 5
6.1 General model . 5
6.2 Joining process . 6
6.3 Leaving process . 6
6.4 Rekeying process . 6
6.5 Logical key structure . 7
6.6 Symmetric key based key establishment mechanisms . 8
7 Key chain based group key management . 12
8 Key chain based group key management with unlimited forward key chain . 13
8.1 Calculations by the key distribution centre . 13
8.2 Calculations by the client entity . 15
9 Key chain based group key management with limited forward key chain . 18
9.1 Calculations by the key distribution centre . 18
9.2 Calculations by the client entity . 19
Annex A (normative) Object identifiers . 20
Annex B (informative) Load balancing mechanism for general tree based structure . 21
Bibliography . 22

© ISO/IEC 2011 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 11770-5:2011(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are members of
ISO or IEC participate in the development of International Standards through technical committees
established by the respective organization to deal with particular fields of technical activity. ISO and IEC
technical committees collaborate in fields of mutual interest. Other international organizations, governmental
and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information
technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as
an International Standard requires approval by at least 75 % of the national bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
ISO/IEC 11770-5 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information technology,
Subcommittee SC 27, IT Security techniques.
ISO/IEC 11770 consists of the following parts, under the general title Information technology ― Security
techniques — Key management:
 Part 1: Framework
 Part 2: Mechanisms using symmetric techniques
 Part 3: Mechanisms using asymmetric techniques
 Part 4: Mechanisms based on weak secrets
 Part 5: Group key management
iv © ISO/IEC 2011 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC 11770-5:2011(E)
Introduction
This part of ISO/IEC 11770 does not specify the means to be used to establish initial secret keys; that is, all
the mechanisms specified in this part of ISO/IEC 11770 require an entity to share the secret key with another
entity, the key distribution centre (KDC). For general guidance on the key lifecycle see ISO/IEC 11770-1. This
part of ISO/IEC 11770 does not explicitly address the issue of interdomain key management. This part of
ISO/IEC 11770 also does not define the implementation of key establishment mechanisms; products
complying with this part of ISO/IEC 11770 might be compatible.
This part of ISO/IEC 11770 does not specify the information which has no relation with key establishment
mechanisms, nor does it specify other messages such as error messages. The explicit format of messages is
not within the scope of this part of ISO/IEC 11770.
The mechanisms specified in this part of ISO/IEC 11770 have been assigned object identifiers in accordance
with ISO/IEC 9834. The list of assigned object identifiers is given in the normative Annex A. Any change to the
specification of the mechanisms resulting in a change of functional behavior will result in a change of the
object identifier assigned to the mechanisms.

© ISO/IEC 2011 – All rights reserved v

---------------------- Page: 5 ----------------------
INTERNATIONAL STANDARD ISO/IEC 11770-5:2011(E)

Information technology ― Security techniques — Key
management —
Part 5:
Group key management
1 Scope
This part of ISO/IEC 11770 specifies key establishment mechanisms for multiple entities to provide
procedures for handling cryptographic keying material used in symmetric or asymmetric cryptographic
algorithms according to the security policy in force.
It defines symmetric key based key establishment mechanisms for multiple entities with a key distribution
centre (KDC), and defines symmetric key establishment mechanisms based on a general tree based structure
with both individual rekeying and batched rekeying. It also defines key establishment mechanisms based on a
key chain with both unlimited forward key chain and limited forward key chain. The two types of key
establishment mechanisms can be combined by applications.
This part of ISO/IEC 11770 also describes the required content of messages which carry keying material or
are necessary to set up the conditions under which the keying material can be established.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
ISO/IEC 10118-3:2004, Information technology — Security techniques — Hash-functions — Part 3: Dedicated
hash-functions
ISO/IEC 14888-2:2008, Information technology — Security techniques — Digital signatures with appendix —
Part 2: Integer factorization based mechanisms
3 Terms and definitions
For the purpose of this document, the following terms and definitions apply.
3.1
active
state of an entity in which the entity can obtain the shared secret key
3.2
ancestor keys of key k
set of keys in a logical key hierarchy that are assigned to the ancestor nodes of the node to which k is
assigned
NOTE One of the keys in a set of ancestor keys is either the shared secret key or a key encryption key.
© ISO/IEC 2011 – All rights reserved 1

---------------------- Page: 6 ----------------------
ISO/IEC 11770-5:2011(E)
3.3
ancestor nodes of node v
set of nodes in a tree that can be reached by repeatedly going to the parent node from v
3.4
backward secrecy with interval T
security condition in which an entity joining at time t = t cannot obtain any former shared secret keys at time
0
t < t – T
0
3.5
batch rekeying
rekeying method in which the shared secret key, and optionally, key encryption keys are updated at every
rekeying interval T
3.6
child keys of key k
set of keys in a logical key hierarchy where the keys are assigned to the child nodes of the node to which k is
assigned
NOTE One of the keys in a set of child keys shall be a key encryption key or individual key.
3.7
child nodes of node w
set of nodes in a tree which hang on w
3.8
d-ary tree
tree where each node has d children except the leaf nodes in the tree
3.9
forward secrecy with interval T
security condition in which an entity leaving at time t = t cannot obtain any subsequent shared secret keys at
0
time t > t + T
0
3.10
inactive
state of an entity in which the entity cannot obtain the shared secret key
3.11
individual key
key shared between the key distribution centre and each entity
3.12
individual rekeying
rekeying method in which the shared secret key, and optionally, key encryption keys are updated when an
entity joins or leaves
3.13
key
sequence of symbols that controls the operations of a cryptographic transformation
3.14
key chain
set of cryptographic keys which are not necessarily independent
3.15
key distribution centre
KDC
entity trusted to generate or acquire, and distribute keys to entities
2 © ISO/IEC 2011 – All rights reserved

---------------------- Page: 7 ----------------------
ISO/IEC 11770-5:2011(E)
3.16
key encryption key
cryptographic key that is used for the encryption or decryption of other keys
[ISO/IEC 19790:2006]
3.17
leaf node
node in a tree which is not a parent of any other node, i.e. has no child nodes
3.18
logical key hierarchy
tree used for managing the shared secret key and key encryption keys
3.19
logical key structure
logical structure to manage keys
NOTE This structure has no correlation with the network topology.
3.20
one-way function
function with the property that it is easy to compute the output for a given input but it is computationally
infeasible to find for a given output an input which maps to this output
[ISO/IEC 11770-3:2008]
3.21
one-way function with trapdoor
function that is known to be easy to compute but hard to invert unless some secret information (trapdoor) is
known
3.22
parent node of node c
node on which node c hangs
3.23
perfect backward secrecy
security condition in which a joining entity cannot obtain any former shared secret keys
3.24
perfect forward secrecy
security condition in which a leaving entity cannot obtain any subsequent shared secret keys
3.25
random number
time variant parameter whose value is unpredictable
[ISO/IEC 11770-1:2010]
3.26
rekeying
process of updating and redistributing the shared secret key, and optionally, key encryption keys
NOTE This process is executed by the key distribution centre.
3.27
root node
node in a tree which is not a child of any other node
© ISO/IEC 2011 – All rights reserved 3

---------------------- Page: 8 ----------------------
ISO/IEC 11770-5:2011(E)
3.28
shared secret key
key which is shared with all the active entities via a key establishment mechanism for multiple entities
3.29
symmetric key based key establishment mechanism for multiple entities
process of establishing a shared secret key between all active entities, using symmetric cryptographic
techniques
3.30
tree
connected, acyclic graph with an identified special vertex, the root node
4 Symbols and abbreviations
AK Ancestor key
BWK Backward key for the time instance i
i
CK Child key
COM(X,Y) Function, which generates from the data items X and Y a key designed to be applied as key of
the used encryption algorithm
CUT(k,S) Function which outputs a substring of length k of the least significant bits of a string S of bits
d Number of children of a parent node (see term d-ary tree)
e(K,Z) Result of encrypting data Z with a symmetric encryption algorithm using the secret key K
f One-way function with trap door
- 1
f Inverted function of f, which requires the trapdoor of f
FWK Forward key for the time instance i
i
g One-way function
1
g One-way function
2
h Number of ancestor nodes of a leaf node excluding the root node
IK Individual key
IK x Individual key shared between entity x and the key distribution centre
KDC Key distribution centre
KEK Key encryption key
LKH Logical key hierarchy
m Number of entities connected to the hub in a star structure
MAC(K,Z) MAC function as defined in ISO/IEC 9797 using key K and data Z
r Random number to initialize the backward key chain
BWKinit
4 © ISO/IEC 2011 – All rights reserved

---------------------- Page: 9 ----------------------
ISO/IEC 11770-5:2011(E)
r Random number to initialize the forward key chain
FWKinit
RSA Digital signature mechanism as defined in ISO/IEC 14888-2
s Private key
SHA-1 Dedicated hash function as defined in ISO/IEC 10118-3
SSK Shared secret key
 Public key
X||Y Result of concatenating data items X and Y in that order
5 Requirements
The key establishment mechanisms specified in this part of ISO/IEC 11770 realize point-to-multipoint key
communication by using logical key structures. The point-to-multipoint communication requires a key updating
process when a new entity joins or an entity leaves the communication in order to maintain the secrecy of the
communication.
a) There are two types of security requirements, perfect backward secrecy and forward secrecy and
backward secrecy and forward secrecy with intervals. One of these security requirements shall be
chosen depending on the security requirements of the particular application. Key establishment
mechanisms for multiple entities require two different rekeying methods according to the security
requirements: individual rekeying and batched rekeying. Individual re-keying provides perfect backward
secrecy and forward secrecy, and batched rekeying provides backward secrecy and forward secrecy with
interval T. The rekeying method and parameter setting have a strong influence on the security
requirements; thus, they shall be determined according to the security policy of the application.

b) The encryption algorithm shall be chosen in accordance with the following:

1) A symmetric encryption algorithm shall be chosen from among those standardised in
ISO/IEC 18033-3 and ISO/IEC 18033-4.

2) If a block cipher encryption algorithm is used, then the Mode of Operation employed shall be one of
those standardised in ISO/IEC 10116, ISO/IEC 18033-3, ISO/IEC 18033-4 and ISO/IEC 19772. An
encryption algorithm used for key encryption shall provide integrity, and input length shall be more
than 128 bits. One of the mechanisms in ISO/IEC 19772 shall be used for integrity protection.

c) The shared secret key is established using either a secure or insecure communication channel. At least
the individual key shall be exchanged between the key distribution centre and each entity using a secure
channel in order to allow secure communication. A secure communication channel is one where an
attacker cannot eavesdrop or tamper with messages in the channel.

d) The key establishment mechanisms in this part of ISO/IEC 11770 require the use of random numbers to
generate the shared secret key, and optionally, key encryption keys. For means of generating random
numbers, see ISO/IEC 18031.
6 Tree based key establishment mechanisms for multiple entities
6.1 General model
Key establishment for multiple entities enables the transmission of a message to all the entities, such that any
active entities can decrypt the message correctly and any coalition of inactive entities cannot decrypt it. All the
active entities share the shared secret key that is used to encrypt the message. An active entity may
© ISO/IEC 2011 – All rights reserved 5

---------------------- Page: 10 ----------------------
ISO/IEC 11770-5:2011(E)
dynamically change to being inactive, and vice versa. The key distribution centre updates the shared secret
key to prevent the joining entity from obtaining the former messages and the leaving entity from obtaining the
subsequent messages.
Figure 1 shows the general model of key establishment for multiple entities, in which the key distribution
centre can communicate with all the entities. The communication between the key distribution centre and
entities does not need to be secure. The key distribution centre and each entity shall share a distinct individual
key. The key distribution centre is responsible for distributing the shared secret key to all the active entities.
The join/leave request is represented by (1) and the distribution of keys to the entities by (2), (3), ., (n+1).
From ii onward, the order in which the updates take place is not important.
NOTE if one of the entities that knows the shared secret key cannot be contacted for a period of time, that entity may
miss a key update message, and cannot compute the updated shared secret key.

Figure 1 — General model of key establishment for multiple entities
6.2 Joining process
An entity sends a joining request to the key distribution centre in order to start obtaining the shared secret key.
The key distribution centre executes the rekeying process after the requesting entity was accepted to join in
the case where individual rekeying is adopted. On the other hand, the key distribution centre does not execute
the rekeying process in the joining process in the case where batched rekeying is adopted.
6.3 Leaving process
An entity sends a leave request to the key distribution centre in order to stop obtaining the shared secret key.
The key distribution centre executes rekeying after the leaving entity has left in the case where individual
rekeying is adopted. On the other hand, there is no explicit leaving process in the case where batched
rekeying is adopted. However, the key distribution centre shall record the leaving entities for the next rekeying
process.
NOTE When the batched rekeying is used, the entity leaving the group can still decrypt communications in the group
until the next batch rekeying takes place.
6.4 Rekeying process
The key distribution centre updates the shared secret key, and optionally, key encryption keys in order to
satisfy security requirements. This process is executed in both the joining and leaving processes in the case
where individual rekeying is adopted, and executed at regular time intervals in the case where batched
rekeying is adopted.
6 © ISO/IEC 2011 – All rights reserved

---------------------- Page: 11 ----------------------
ISO/IEC 11770-5:2011(E)
6.5 Logical key structure
6.5.1 Star based structure
Key establishment mechanisms for multiple entities can be classified by their logical structures and are used
to assign keys to entities. Figure 2 shows the star-based structure.
IK2
IK1 IK3
SSK
IK6 IK4
IK5

Figure 2 — Star-based structure
6.5.2 d-ary tree based structure
Figure 3 shows the binary tree structure where d = 2. A shared secret key is assigned to the root node of the
tree. Each individual key is assigned to the leaf nodes of the tree. Additionally, key encryption keys are
assigned to the other nodes. The key encryption keys are shared by multiple entities whose individual keys
are assigned to the descendant of the node to which the key encryption key is assigned. The communication
cost of the leaving process can be reduced by using key encryption keys. Each entity has all the keys
assigned to the nodes on the path from the root node to the leaf node, to which the individual key of the entity
is assigned. Thus, the number of keys an entity has is proportional to the logarithm of the total number of
entities.
SSK
KEK1 KEK2
KEK3 KEK5
KEK4 KEK6
IK1 IK2 IK3 IK4 IK5 IK6 IK7 IK8

Figure 3 — d-ary tree based structure
6.5.3 General tree based structure
A general tree based structure can be used as the logical key structure. The general tree based structure
makes use of a d-ary tree based structure where m entities construct a cluster. This structure can be
considered as a hybrid of the star-based structure with m clients and the d-ary tree based structure.
© ISO/IEC 2011 – All rights reserved 7

---------------------- Page: 12 ----------------------
ISO/IEC 11770-5:2011(E)
This structure can be used to optimize the efficiency of key establishment mechanisms (see Annex B).
Figure 4 shows the tree based structure where d = 2 and m = 4. The general tree based structure contains a
d-ary tree based structure, however, the opposite does not hold. For example, the tree based structure in
Figure 4 is not a d-ary tree based structure.

Figure 4 — General-tree based structure
6.6 Symmetric key based key establishment mechanisms
6.6.1 Mechanism 1 - Key establishment mechanism with individual rekeying
This document defines symmetric-key based key establishment mechanisms based on general tree based
structure: 1) mechanism with individual rekeying and 2) mechanism with batched rekeying. In the mechanism
with individual rekeying, the rekeying process is executed whenever an entity joins or leaves.
This mechanism is based on a tree based structure with individual rekeying.
a) Joining process
It is assumed that there is a set of n entities {u , u , ., u }, and the entity u joins. Let AK(l,u) be the
1 2 n n+1 i
ancestor key of entity u that is assigned to the l-th layer from the root node of the logical key hierarchy. h
i
denotes the height of the logical key hierarchy.
1) The entity u sends a join request to the key distribution centre.
n+1
2) The key distribution centre assigns the individual key of u (i.e., IK u ) to a leaf node of the logical
n+1 n+1
key hierarchy.
3) The key distribution centre generates random numbers and updates the ancestor keys of the individual
key of u using these numbers. SSK, AK(1,u ), AK(2,u ), ., AK(h,u ) are updated to SSK',
n+1 n+1 n+1 n+1
AK'(1,u ), AK'(2,u ), ., AK'(h,u ), respectively.
n+1 n+1 n+1
4) The key distribution centre encrypts each updated key with the old key, and broadcasts it. That is,
e(SSK,SSK'), e(AK(1,u ),AK'(1,u )), e(AK(2,u ),AK'(2,u )), ., and e(AK(h,u ),AK'(h,u )) are
n+1 n+1 n+1 n+1 n+1 n+1
broadcast.
5) Each entity obtains the updated keys using the old keys.
6) The key distribution centre encrypts the updated keys SSK'||AK'(1,u )||AK'(2,u )||.||AK'(h,u ) by
n+1 n+1 n+1
the individual key of u , and sends e(IK u ,SSK'||AK'(1,u )||AK'(2,u )||.||AK'(h,u )) to u .
n+1 n+1 n+1 n+1 n+1 n+1
7) The entity u obtains the keys.
n+1
8 © ISO/IEC 2011 – All rights reserved

---------------------- Page: 13 ----------------------
ISO/IEC 11770-5:2011(E)
b) Leaving process
It is assumed that there are n entities {u , u , ., u }, and the entity u (1≤j≤n) leaves. Let AK(l,u) be the
1 2 n j i
ancestor key of entity u that is assigned to the l-th layer from the root node of the logical key hierarchy. h
i
denotes the height of the logical key hierarchy.
1) The key distribution centre generates random numbers and updates the ancestor keys of the individual
key of u using these numbers. SSK, AK(1,u ), AK(2,u), ., AK(h,u) are updated to SSK', AK'(1,u ),
j j j j j
AK'(2,u ), ., AK'(h,u ), respectively.
j j
2) The key distribution centre encrypts each updated key with its child keys except the individual key of u
j
and broadcasts them. For example, the SSK' is encrypted with the child keys CK , CK , ., CK , and
1 2 d
e(CK ,SSK'), e(CK ,SSK'), ., and e(CK ,SSK') are broadcast.
1 2 d
NOTE  In the case that child keys have been updated, the updated child keys are used.
3) Each entity obtains the updated keys using the child keys.
An example of mechanism 1:
1) Phase 1
An example of the joining process of mechanism 1 is illustrated in Figure 5. It is assumed that the key
distribution centre uses the logical key hierarchy in Figure 6 and the entity H is joining.

Figure 5 — Joining process of mechanism 1 — mechanism with individual rekeying
SSK
AK1 AK2
AK3 AK4 AK5 AK6
IKA IKB IKC IKD IKE IKF IKG IKH

Figure 6 — Logical key procedure
The updated keys (UpdatedKey ), broadcasted by the key distribution centre to A, B, C, D, E, F, and G is:
A-G
UpdatedKey =e(SSK,SSK')||e(AK ,AK' )||e(AK ,AK' ).
A-G 2 2 6 6
The updated keys (UpdatedKey ), sent by the key distribution centre to H is:
H
© ISO/IEC 2011 – All rights reserved 9

---------------------- Page: 14 ----------------------
ISO/IEC 11770-5:2011(E)
UpdatedKey = e(IK ,SSK'||AK' ||AK' ).
H H 2 6
(1) H sends Join request to key distribution centre.
(2) The key distribution centre generates and broadcasts UpdatedKey to A, B, C, D, E, F, and G.
A-G
(3) The key distribution centre generates and sends UpdateKey to H.
H
NOTE The key distribution centre and H share the individual key of H in advance.
2) Phase 2
An example of the leaving process of mechanism 1 is illustrated in Figure 7. It is assumed that the key
distribution centre uses the logical key hierarchy in Figure 6 and the entity H is leaving.

Figure 7— Leaving process of mechanism 1 — mechanism with individual rekeying
The form of the updated keys (UpdatedKey ), broadcast by the key distribution centre to A, B, C, D, E, F,
A-G
and G is:
UpdatedKey =e(AK ,SSK')||e(AK' ,SSK')||e(AK ,AK' )|| e(AK' ,AK' )|| e(IK ,AK' ).
A-G 1 2 5 2 6 2 G 6
(1) H sends Leaving request to key distribution centre.
(2) The key distribution centre generates and broadcasts UpdatedKey to A, B, C, D, E, F, and G.
A-G
6.6.2 Mechanism 2 - Key establishment mechanism with batched rekeying
In the mechanism with batched rekeying, the rekeying process is periodically executed.
a) Joining process
It is assumed that there are n entities {u , u , ., u }, and the entity u joins. Let AK(l,u) be the ancestor key
1 2 n n+1 i
of entity u that is assigned to the l-th layer from the root node of the logical key hierarchy. h denotes the
i
height of the logical key hierarchy.
1) The entity u sends a join request to the key distribution centre.
n+1
2) The key distribution centre assigns the individual key of u to a leaf node of the logical key hierarchy.
n+1
3) The key distribution centre encrypts the ancestor keys of the individual key of u by the individual key
n+1
of u . Then, the key distribution centre sends e(IK u , SSK||AK(1, u )||AK(2, u )|| .||AK(h, u ))
n+1 n+1 n+1 n+1 n+1
to u .
n+1
4) The entity u obtains SSK and AK(1, u ), AK(2, u ), …, AK(h, u ).
n+1 n+1 n+1 n+1
b) Leaving process
10 © ISO/IEC 2011 – All rights reserved

---------------------- Page: 15 ----------------------
ISO/IEC 11770-5:2011(E)
The leaving entity sends Leaving request to key distribution centre.
NOTE Rekeying is not executed in the leaving process of the mechanism with batched rekeying.
c) Rekeying process
This process executed at regular time intervals. It is assumed that there is a set of n entities {u , u , ., u }
1 2 n
and that the entities of the set  {u ,u ,. u } left during a rekeying interval. k is the number of leaving entities
i1 i2 ik
during a rekeying interval i. Let AK(l,u) be the ancestor key of entity u that is assigned to the l-th layer from
i i
the root node of the logical key hierarchy. h denotes the height of the logical key hierarchy.
1) The key distribution centre generates random number
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.