In the name of Him from whom existence took its name. In the name of God, the Most Gracious, the Most Merciful.
Key Management in Group Communication Mohammad Dakhilalian Electrical and Computer Faculty, Isfahan University of Technology (IUT)
Topics: Introduction; Key Management; Key Management in Group Communication (Centralized, Distributed, Decentralized).
Introduction. Group communication: a means of providing multi-point to multi-point communication by organizing processes into groups. Efficiency: using minimum resources and hence saving bandwidth.
Examples: video conferencing, radar tracking, VPN, on-line chat, on-line gaming, ...
Introduction. Dynamic group communication has an active membership: members join, leave, merge and partition.
Is Security Important?
Is Security Important? Confidentiality, Integrity, Availability (CIA). Using cryptographic algorithms as a trivial solution.
Key Management Architecture (layers, top to bottom): Secure applications; Authorization, access control, non-repudiation, ...; Encryption, authentication; Key management.
Key Management Administration and use of the services of generation, registration, certification, distribution, installation and destruction of keying material. The objective of key management is the secure administration and use of these management services and therefore the protection of keys is extremely important.
Definitions: key agreement; key confirmation; entity authentication; Key Distribution Centre (KDC); Key Translation Centre (KTC); Certification Authority (CA).
Key Management Techniques. Mechanisms using symmetric algorithms: pre-shared key; using a KDC; using a KTC. Mechanisms using asymmetric algorithms: certificate based (using a TTP); ID (identity) based.
Example (pre-shared key KAB between A and B; NA, NB are nonces, {X}K is X encrypted under K):
1. A -> B: A, NA
2. B -> A: B, {KB, NB, NA}KAB
3. A -> B: A, {KA, NA, NB}KAB
Session key: K = g(KA, KB)
Example (KDC): the KDC holds KA and KB and generates KAB.
1. A -> KDC: A, B, N, {A, T}KA
2. KDC -> A: {B, N, KAB}KA, {A, KAB}KB
3. A -> B: {A, T}KAB, {A, KAB}KB
Both A and B now hold KAB.
Example (KTC): the KTC holds KA and KB and translates KAB.
1. A -> KTC: A, {KAB, B}KA
2. KTC -> A: {A, KAB}KB (for delivery to B)
Example (certificate based; PK = public key, SK = secret key):
1. B -> A: B, N, CertB
2. A -> B: CertA, [{N, KAB}PKB]SKA (KAB encrypted under B's public key and signed with A's secret key)
How ID-based encryption works in practice (Alice sends a message to Bob):
1. Alice encrypts with bob@b.com (Bob's ID, here his e-mail address).
2. Bob requests his private key from the key server and authenticates.
3. The key server returns the private key for bob@b.com.
4. Bob decrypts with the private key.
Notes: Alice encrypts with Bob's ID, so no key lookup is required, and Bob need not be provisioned yet (ad hoc). In a PKI system Bob generates the key himself; in IBE this is no longer possible: if Bob could, so could everyone else. Instead Bob goes to the key server, which alone can generate the key; Bob authenticates, receives the key and decrypts.
Key Management in SGC (Secure Group Communication): establishment and maintenance of a key (the group key) between valid parties according to the security policy being enforced on the group.
Simple Group Rekeying: the KDC shares a pairwise key ki with each member ui (i = 1..8) and k is the group key. To rekey, the KDC sends {k}k1, {k}k2, ..., {k}k8, one message per member. The cost of this simple scheme in large groups is very high.
Group Key Management Criteria: scalability; robustness; anonymity; dynamics; forward and backward secrecy; collusion; transmission efficiency; computational efficiency.
Key Management Role: providing member identification and authentication; access control; generation, distribution and installation of key material.
Different approaches to group key management: centralized, distributed, decentralized.
Centralized group key management. The efficiency of protocols can be measured by: storage requirements; size of messages; backward and forward secrecy; collusion.
Example: the KDC broadcasts {knew}kold to members u1..u8 (each ui also holds a pairwise key ki with the KDC). This solution has no forward secrecy: a member that has left still holds kold and can recover knew.
Example: LKH (Logical Key Hierarchy). Members u1..u8 are the leaves of a binary key tree; each ui holds its leaf key ki and every key on the path to the root key k (for u1: k1, k12, k14, k).
LKH Join (a member joins the subtree under k34): the keys on the joining leaf's path are replaced (k34 -> k'34, k14 -> k'14, k -> k') and distributed with {k'34}k3, {k'34}k4, {k'14}k12, {k'14}k'34, {k'}k'14, {k'}k58.
LKH Leave (u5 leaves): the keys u5 held besides its own leaf key (k56, k58, k) are replaced by k'56, k'58, k' and distributed with {k'56}k6, {k'58}k'56, {k'58}k78, {k'}k14, {k'}k'58; u5 holds none of the wrapping keys and so learns nothing.
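The LKH leave rekeying above, as an added example (not from the slides): it derives the rekey messages for a leaving member in a balanced tree of any power-of-two size, using the slides' key names, and checks who can unwrap which message instead of performing real encryption.

```python
# Added example, not from the slides: LKH rekeying on a member leave, modelled as
# key names and "who can unwrap which message" rather than real encryption.
# Names follow the slides: k = root, k14 covers u1..u4, k5 = leaf key of u5.

def path_spans(user, n):
    """Intervals of the tree nodes from the root down to `user`'s leaf (n a power of 2)."""
    spans, lo, hi = [], 1, n
    while True:
        spans.append((lo, hi))
        if lo == hi:
            return spans
        mid = (lo + hi) // 2
        lo, hi = (lo, mid) if user <= mid else (mid + 1, hi)

def name(lo, hi, n, fresh=False):
    """Slide-style key name for the node covering u[lo]..u[hi]; k'... for a refreshed key."""
    base = "k" if (lo, hi) == (1, n) else (f"k{lo}" if lo == hi else f"k{lo}{hi}")
    return "k'" + base[1:] if fresh else base

def held_keys(user, n):
    """Every key a member holds: its leaf key and all ancestors up to the root."""
    return [name(lo, hi, n) for lo, hi in path_spans(user, n)]

def leave_rekey(user, n):
    """Rekey messages (new_key, wrapping_key) the KDC sends after `user` leaves: every
    ancestor on the departed path is replaced and sent under both child keys."""
    spans = path_spans(user, n)
    msgs = []
    for (lo, hi), child in zip(spans, spans[1:]):
        mid = (lo + hi) // 2
        new_key = name(lo, hi, n, fresh=True)
        for c in ((lo, mid), (mid + 1, hi)):
            if c == (user, user):
                continue                       # the departed leaf gets nothing
            # the child on the departed path was itself refreshed one step earlier
            msgs.append((new_key, name(*c, n, fresh=(c == child))))
    return msgs

def keys_learned(held, msgs):
    """Keys a party ends up with, given what it holds and the broadcast messages."""
    known, changed = set(held), True
    while changed:
        changed = False
        for new_key, wrap in msgs:
            if wrap in known and new_key not in known:
                known.add(new_key)
                changed = True
    return known

if __name__ == "__main__":
    msgs = leave_rekey(5, 8)
    print(len(msgs), "messages (simple scheme: 7):", msgs)
    print("u5 (departed) learns:", keys_learned(held_keys(5, 8), msgs) - set(held_keys(5, 8)))
```

For eight members the leave costs 2·log2(8) − 1 = 5 messages instead of the simple scheme's 7, and the departed member can unwrap none of them.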
Example: OFT (One-way Function Tree) Join. Each interior key is computed from its two child keys with a one-way function, so when a member joins under k34 the keys on that path are recomputed upward: k34 -> k'34, k14 -> k'14, k -> k'.
OFT Leave: when a member leaves, its sibling's leaf key is refreshed (k4 -> k'4) and the keys on the path to the root are recomputed (k'14, k').
Distributed group key management. The efficiency of protocols can be measured by: number of rounds; number of messages; processing during setup.
Example (CLIQUES, group Diffie-Hellman key exchange): member ui holds secret exponent ki.
u1 -> u2: g^k1
u2 -> u3: g^k1, g^k2, g^k1k2
u3 -> u4: g^k1k2, g^k1k3, g^k2k3, g^k1k2k3
u4 broadcasts: g^k2k3k4, g^k1k3k4, g^k1k2k4
Every member computes K = g^k1k2k3k4.
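The CLIQUES exchange above, as an added example (not from the slides): it runs the upflow and the final broadcast for any group size over a toy modulus (2**127 − 1 and generator 5 are demonstration parameters, not a recommended group) and confirms every member derives the same K.

```python
# Added example, not from the slides: the CLIQUES group Diffie-Hellman flow from the
# figure over a toy group (Mersenne prime 2**127-1, generator 5; demo parameters only).
import secrets

P = 2**127 - 1
G = 5

class Member:
    def __init__(self, name):
        self.name = name
        self.secret = secrets.randbelow(P - 2) + 1   # k_i, never leaves this object
        self.key = None                              # K once agreed

def upflow_step(member, partials, cardinal):
    """Member i raises every received partial (each lacking one earlier exponent) and
    the cardinal value g^{k1..k(i-1)} to k_i, and appends the old cardinal, which
    lacks its own exponent. Returns what is forwarded to member i+1."""
    new_partials = [pow(v, member.secret, P) for v in partials] + [cardinal]
    return new_partials, pow(cardinal, member.secret, P)

def gdh2(members):
    """Upflow through members[:-1], broadcast by the last member, then every member
    derives K = g^{k1 k2 ... kn}; returns the last member's K."""
    partials, cardinal = [], G           # g^(empty product) = g
    for m in members[:-1]:
        partials, cardinal = upflow_step(m, partials, cardinal)
    last = members[-1]
    last.key = pow(cardinal, last.secret, P)
    # broadcast: one value per earlier member, missing exactly that member's exponent
    broadcast = [pow(v, last.secret, P) for v in partials]
    for m, v in zip(members[:-1], broadcast):
        m.key = pow(v, m.secret, P)      # add own exponent back in
    return last.key

def agreed_key(members):
    """Group key if all members derived the same one, else None (a mismatch would
    mean some contribution was altered or lost in transit)."""
    k = gdh2(members)
    return k if all(m.key == k for m in members) else None

if __name__ == "__main__":
    group = [Member(f"u{i}") for i in range(1, 5)]
    print("K =", agreed_key(group))
```

As on the slide, the flow carries no authentication of the contributions; that is a separate requirement on top of the key agreement itself.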
Example (STR): a skewed (linear) key tree over u1..u5: k12 is derived from k1 and k2, k13 from k12 and k3, k14 from k13 and k4, and the group key k from k14 and k5; the value published for each node is produced by a blinding function.
STR Join (u5 joins): the sponsor u4 picks a fresh key k'4 and recomputes k'14 and the new group key k'.
STR Leave (u3 leaves): the sponsor u2 picks a fresh key k'2 and recomputes k'12, k'14 and the new group key k'.
TGDH Join (u8 joins): the sponsor u7 picks a fresh key k'7 and recomputes the keys on its path to the root: k'78, k'58, k'.
TGDH Leave: the sponsor u5 picks a fresh key k'5 and recomputes the keys on its path to the root: k'58, k'.
Decentralized group key management. The efficiency of protocols can be measured by: key independence; decentralized controller; local rekeying; rekeying per membership change; type of communication; keys versus data path.
IOLUS hierarchy: the group is split into subgroups, each managed by a Group Security Agent (GSA1..GSA6) that holds its own subgroup key (k1..k6).
Intra-Domain Group Key Management (IGKMP) elements: a Domain Key Distributor (DKD) and Area Key Distributors (AKD1..AKD3) form the All-KD-group, which shares key k; each AKD serves a local area group of members m with its own area key (k1, k2, k3).
Summary: definition of Group Communication (GC) and Secure GC (SGC); key management with emphasis on key agreement; types of key management approaches in group communication and their examples (LKH, OFT, CLIQUES, STR, TGDH, IOLUS, IGKMP).
Thanks to all participants in the session.