<?xml version="1.0" encoding="iso-8859-1"?>
<?xml-stylesheet href="paper.xsl" type="text/xsl"?>

<paper xmlns="http://www.cse.ucsd.edu/daniele/XML"
       xmlns:paper="http://www.cse.ucsd.edu/daniele/XML"
       xmlns:xhtml="http://www.w3.org/1999/xhtml">

  <filename>OptimalMulticast</filename>

  <title>Optimal communication complexity of generic multicast key
  distribution</title>

  <author>Daniele Micciancio</author>
  <author>Saurabh Panjwani</author>


  <reference>
    <link>http://www.ieee-acm-ton.org/</link>
    <journal>IEEE/ACM Transactions on Networking</journal>
    <year>2008</year>
    <volume>16</volume>
    <number>4</number>
    <pages>803-813</pages>
    <doi>10.1109/TNET.2007.905593</doi>
    <note>Preliminary version in Eurocrypt 2004</note>
  </reference>
  
  <abstract>
    <p xmlns="http://www.w3.org/1999/xhtml">
      We prove a tight lower bound on the communication complexity of secure 
      multicast key distribution protocols in which rekey messages are built 
      using symmetric-key encryption, pseudorandom generators and 
      secret sharing schemes.
      Our lower bound shows that the amortized cost of updating 
      the group key for each group membership change
      (as a function of the current group size)
      is at least <em>log<sub>2</sub>(n) - o(1)</em> basic rekey messages.
      This lower bound matches, up to a subconstant additive term,
      the upper bound due to Canetti, Garay, Itkis, 
      Micciancio, Naor and Pinkas <cite>[Proc. of Infocom 1999]</cite>, 
      who showed that 
      <em>log<sub>2</sub>(n)</em> basic rekey messages (each time a user 
      joins and/or leaves the group) are sufficient. Our lower bound is, 
      thus, optimal up to a small, subconstant additive term.

      The result of this paper considerably strengthens previous lower bounds 
      by Canetti, Malkin and Nissim <cite>[Proc. of Eurocrypt 1999]</cite>
      and Snoeyink, Suri and Varghese 
      <cite>[Computer Networks 47(3):2005]</cite>,
      which allowed for neither the use of pseudorandom generators and 
      secret sharing schemes, nor the iterated (nested) application of the 
      encryption function. 
      Our model (which allows for arbitrarily nested combinations of encryption,
      pseudorandom generators and secret sharing schemes) is much more general, 
      and, in particular, encompasses essentially all known multicast key 
      distribution protocols of practical interest.
    </p>
  </abstract>

  <note>
    Preliminary version in 
    <link doi="10.1007/b97182">Eurocrypt 2004</link>
  </note>
</paper>



