About us
Technology Transfer
Secure Spread
Yair Amir
Cristina Nita-Rotaru
John Schultz
Jonathan Stanton

Current News

09/30/2002 Secure Spread 2.1.0 is available. Supports Cliques 1.0.
02/05/2002 Secure Spread 2.0 is available. The major feature is that it supports four additional key agreement protocols, besides GDH. For the new four key agreement protocols, only simple cases are supported for now (join, leave, partition, merge), the only protocol robust to any cascading group events is GDH. For more details see the README file available in the distribution.
02/05/2002 Patch available for Secure Spread. Also patch for Spread 3.16.1 available. Thanks to Frank Cole for providing them. Note that Secure Spread patch should be applied after the patch that solved the message type problem (available below).
01/29/2002 Secure Spread 1.0.0 does not compile out of box with Spread 3.16.1. The reason is that one variable defined by Spread and used by Secure Spread changed its name (MAX_SCATTER_ELEMENTS is now MAX_CLIENT_SCATTER_ELEMENTS). Fix: replace any MAX_SCATTER_ELEMENTS in the Secure Spread distribution tree with MAX_CLIENT_SCATTER_ELEMENTS.
11/15/2001 A patch that solves a problem with the message type for Secure Spread is available. Thanks to Roy Tromble for noticing the problem
07/16/2001 Spread 3.16.0 which is compatible with Secure Spread 1.0.0 was released.
06/01/2001 The Johns Hopkins Information Security Institute becomes a collaborator on the Secure Spread project.
03/30/2001 Secure Spread 1.0.0 available. Note that you still need Spread 3.12 or 3.14 .
03/28/2001 An incompatibility between Secure Spread and Spread 3.15 was reported. Spread 3.12 or 3.14 are required.
11/05/2000 Secure Spread 0.0.3 available.


The Secure Spread project addresses integrating security services with reliable group communication. In particular, it enhances the Spread Toolkit with security services.

Group communication systems are application level multicast systems, providing reliable and ordered (FIFO, Causal, Agreed, Safe) message delivery, and a group membership service. The membership service notifies the upper-level application about every group change and about the list of current group members. Many group communication systems are built around a client-server architecture where a small number of servers provide service to numerous clients.

Confidentiality is the main concern of secure group communication. As using public cryptography tools is very expensive, efficient security services can be provided by means of symmetric cryptography which requires the members of a group to share a secret key.

Secure group communication requires forward and backward secrecy to protect previous or future members of the group to decipher confidential communication. In the context of a dynamic group membership, these requirements make the management of the shared key a challenging problem. Moreover, the interrelation between high-availability and security guarantees are not well understood, especially in the presence of general, possibly cascading, network events.

Our approach uses contributory key agreement methods that proved to provide advantages versus centralized key distribution schemes.

We provide a secure group communication layer and an API that uses a robust contributory key agreement protocol based on the GDH suite protocol developed by the Cliques project. Our key agreement protocol handles processor and network faults (under a fail-stop or crash-and-recover model), asynchronous membership events (such as cascading joins,leaves,merges and network partitions) and is robust to any sequence (possibly cascading) of group membership changes.


Current work consists of providing a practical, scalable secure group communication, by integrating security services into the servers. By hosting the expensive key agreement protocols at the servers we amortize the associated cost over many groups. Using this method, joins and leaves become very fast, while the cost for refreshing the key when partitions and merges occur decreases significantly.

Join Spread mailing list .


Refereed Conferences

  • Y. Amir, C. Nita-Rotaru, J. Stanton and G.Tsudik. Scaling Secure Group Communication Systems: Beyond Peer-to-Peer. To appear in the Proceedings of DISCEX3 Washington DC, April 22-24, 2003. Obsoletes Technical Report CNDS-2002-3, October 2002. [PS], [PS.GZ], [PDF].
  • Y. Amir, Y. Kim, C. Nita-Rotaru, and G. Tsudik. On the Performance of Group Key Agreement Protocols. Published in the Proceedings of the 22th IEEE International Conference on Distributed Computing Systems, Vienna, Austria, July 2-5, 2002, short paper. ps, ps.gz, pdf.
  • Y. Amir, C. Nita-Rotaru, and J. Stanton. Framework for Authentication and Access Control of Client-Server Group Communication Systems In the Proceedings of the Third International Workshop on Networked Group Communication, London, UK November 7-9 2001. ps, ps.gz, pdf.
  • Y. Amir, Y. Kim, C. Nita-Rotaru, J. Schultz, J. Stanton, and G. Tsudik. Exploring Robustness in Group Key Agreement. Published in Proceedings of the 21th IEEE International Conference on Distributed Computing Systems, Phoenix, Arizona, April 16-19, 2001, pp 399-408. ps, ps.gz, pdf.
  • Y. Amir, G. Ateniese, D. Hasse, Y. Kim, C. Nita-Rotaru, T. Schlossnagle, J. Schultz, J. Stanton, and G. Tsudik. Secure Group Communication in Asynchronous Networks with Failures: Integration and Experiments. Published in Proceedings of the 20th IEEE International Conference on Distributed Computing Systems, pp.330--343, Taipei, Taiwan, April 2000. ps, ps.gz,pdf.

Technical Reports

  • Y. Amir, Y. Kim, C. Nita-Rotaru, and G. Tsudik. On the Performance of Group Key Agreement Protocols. Technical Report CNDS-2001-5 Obsoletes Technical Report CNDS-2001-4), Computer Science Department, Johns Hopkins University. October, 2001. ps, ps.gz, pdf.
  • Y. Amir, Y. Kim, C. Nita-Rotaru, J. Schultz, J. Stanton, and G. Tsudik. Exploring Robustness in Group Key Agreement. Technical Report CNDS-2000-4, Computer Science Department, Johns Hopkins University. August, 2000. ps, ps.gz, pdf.
  • C. Nita-Rotaru . The Cost of Adding Security Services to Group Communication Systems. Technical Report CNDS-2000-3, Computer Science Department, Johns Hopkins University. March, 2000. ps, ps.gz, pdf.



Secure Spread 2.0 and 1.0.0 are available. Linux, Solaris, BSDI and FreeBSD supported. With some minimal modification it works on Windows, too. It can be downloaded at


How to generate certificates used by Secure Spread.

Secure Spread Function Interface
  • SSP_version
  • SSP_connect
  • SSP_disconnect
  • SSP_join
  • SSP_leave
  • SSP_get_key
  • SSP_flush
  • SSP_multicast
  • SSP_scat_multicast
  • SSP_receive
  • SSP_scat_receive
  • SSP_poll
  • SSP_error


    E-mail for more information.
    Questions or comments to:
    webmaster (at)
    TEL: (410) 516-5562
    FAX: (410) 516-6134
    Distributed Systems and Networks Lab
    Computer Science Department
    Johns Hopkins University
    3400 N. Charles Street Baltimore, MD 21218-2686