Merge Protocol

 

As we discuss in section 3, network faults can partition a group into several subgroups. After the network faults heal, subgroups may re-merge. We describe the merge protocol for two merging groups.

In the first round of the merge protocol, each sponsor(the rightmost member of each group) broadcasts its tree information with all blinded keys to the other group. Upon receiving this message, all members can uniquely and independently determine the merge position of the two trees. If the two trees have the same height, we join one tree to the root node (insertion node) of the other tree. Otherwise, the trees are of different height and we join the shallower tree to the deeper tree. The insertion node can be: 1) the rightmost shallowest node (not necessarily a leaf node), where the join does not increase the height of the tree, and 2) the root node, if join to any other node increases the height of the key tree.

The rightmost member of the subtree rooted at the joining location becomes the sponsorof the key update operation. The sponsorcomputes every key on the key-path and the corresponding blinded key. It, then, broadcasts the tree with the blinded keys to the other members. All members now have the complete set of blinded keys, which allows them to compute all keys on their key path.

Figure 7 shows an example, where the sponsors$M$₂ and $M$₇ broadcast their trees ($T$₂ and $T$₇) containing all the blinded keys, along with $BK$₂ and $BK$₇. Upon receiving these broadcast messages, every member checks whether it is the sponsorin the second round. Every member in both groups merges two trees, and then $M$₂, the sponsorin this example updates the key tree and computes and broadcasts blinded keys.

    
Figure 7: Tree updating in merge operation
Figure 6: Merge Protocol