To improve the security of unicasting or multicasting within a cluster, a novel key reference scheme of a cluster-shared key chain for all the cluster members is proposed. Even though a cluster shares all the keys of a key chain, every member uniquely makes use of a different key out of the key chain as a one-time encrypting key and such a key is privately known by only its desirable receiver(s). We discuss its resource overheads in memory, communication and computation as well as resiliency against known-key attacks.