High Performance, Robust and Secure Group Communication

About us
Technology Transfer
Secure Spread

Quarterly Technical Report, April 2003


During this timeframe, we continued our work on both the experimantation conducted by BBN Technologies and SRI International and on the development and release of a major secure architecture for Spread: an integrated architecture. The goal of this architecture is to amortize the cost of the key agreement protocols over many groups and to provide very fast joins and leaves, while ensuring the confidentiality of the data even when long-term keys of the participant get compromised. Our contribution to the RedTeam effort on the Secure Spread project consisted of: participating in weekly teleconferences, providing feedback on the experimentation documents, answering technical questions and providing fixes when necessary.

Our main research effort concentrated on the development of an integrated architecture for Spread. Our solution describes three variants, that trade-off group communication model for performance. As part of the experimentation plan, we provided an internal release of an integrated architecture variant for BBN Technologies.

We conducted a presentation and demonstration of Secure Spread, both layered architecture and a preliminary version of the integrated architecture, in Hawai for Pacific Command.

We also participated in the DARPA DISCEX 3 Conference. Secure Spread was featured in the movie promoting all the technologies from the DARPA programs, and our group was present both in the presentations section and in the Exposition.


Scaling Secure Group Communication Systems: Beyond Peer-to-Peer.
ps, ps.gz, pdf. Published in the Proceedings of DISCEX'3 Washington DC, April 2003.

Yair Amir, Cristina Nita-Rotaru, Jonathan Stanton, and Gene Tsudik.

This paper develops several integrated security architecture scenarios for client-server group communication systems. In an integrated architecture, security services are implemented in servers, in contrast to a layered architecture where the same services are implemented in clients. We discuss benefits and drawbacks of each proposed architecture and present experimental results that demonstrate the superior scalability of an integrated architecture.


So far, we registered about 500 downloads for Secure Spread from our web site and about 6000 for Spread.

Plans for Next Quarter:

  • Continue support of the experimentation and red team effort.
  • Continue the work on the integrated architecture.
  • Update the integrated access control and authentication framework based on community feedback.
  • Continue research into high performance wide area group communication.

Questions or comments to:
webmaster (at) dsn.jhu.edu
TEL: (410) 516-5562
FAX: (410) 516-6134
Distributed Systems and Networks Lab
Computer Science Department
Johns Hopkins University
3400 N. Charles Street Baltimore, MD 21218-2686