Clay Shields, KHIP - A Scalable Protocol for Secure Multicast Routing




CERIAS Weekly Security Seminar - Purdue University

Summary: Multicast routing is a service that provides for efficient many-to-many communication in a network. Traditionally, secure multicast protocols have used existing multicast routing services and relied on cryptographic protection of the messages sent to provide security. Much previous work in the area has been on methods of establishing a shared key between members subscribing to the multicast group. Some problems with this approach are that any network member can receive the encrypted traffic, and that the multicast routing protocol itself is subject to attacks which allow for effective denial-of-service attacks against the group members. I present Keyed-HIP (KHIP), a protocol for secure, hierarchical, multicast routing that changes the multicast model to prevent non-group members from receiving the secure traffic, and limits the effectiveness of denial-of-service attacks against the multicast group. KHIP also provides an efficient mechanism for distributing data encryption keys to all members of the group. While the type of security provided by KHIP is not necessary in all cases, for some applications the traditional model of multicast security may be lacking.

About the speaker: Clay was born in Washington, D.C., and spent much of his childhood living overseas as required by the career of his stepfather, who was a covert agent for the CIA. Clay got an undergraduate degree in electrical engineering from the University of Virginia, and after a year as a computer programmer on Capitol Hill, joined the U.S. Army. As an infantry officer with the 101st Airborne Division, Clay served overseas with the peace-keeping force in the Sinai Peninsula, earning a commendation for liaison work with the Egyptian and Israeli military. Because sitting in a muddy foxhole with a rifle was not intellectually challenging enough, Clay left the Army to return to graduate school.
He attended the University of California at Santa Cruz, and for his dissertation he studied computer networking, particularly multicast routing and network security issues. With the ink not yet dry on his PhD, Clay took a job as an assistant professor in computer science at Purdue University, not so much for easy access to corn, but to be associated with CERIAS and to continue his research into network security. Clay is particularly interested in finding ways to exploit existing protocols, in designing secure protocols and in finding ways to keep careful track of what is happening in a network while maintaining user privacy and anonymity.