The growing number of multimedia multicast applications makes security of such applications important. I have studied key management in IP-multicast in this master thesis. Only authorized members in a multicast group should be able to decrypt data sent to the group.Revoked members should not receive information that make them able to compute decryption keys.The intellectual property rights of the producer must be protected.
Managing keys in multicasting is more complicated than in unicasting. The authorized part of the members in a group may change during a session so that new keys must be generated and distributed. I implement a key management server that uses the subset difference method to generate keys in an effective way. The server functions in a client-server architecture where the client part represents the distributor of multicast data. The protocol made should be able to integrate with existing multicast software, like the MBone Tools. IPv6 will probably soon become the new standard Internet Protocol. It supports both security and multicasting. An effective key management mechanism may be an interesting future part of IPv6.