KAIS T Distributed Collaborative Key Agreement and Authentication Protocols for Dynamic Peer Groups IEEE/ACM Trans. on Netw., Vol. 14, No. 2, April 2006.

Slides:



Advertisements
Similar presentations
Fast and Secure Universal Roaming Service for Mobile Internet Yeali S. Sun, Yu-Chun Pan, Meng-Chang Chen.
Advertisements

A Survey of Key Management for Secure Group Communications Celia Li.
A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.
1 Performance Char’ of Region- Based Group Key Management --- in Mobile Ad Hoc Networks --- by Ing-Ray Chen, Jin-Hee Cho and Ding-Chau Wang Presented by.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style A Survey on Decentralized Group Key Management Schemes.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.
SplitStream: High- Bandwidth Multicast in Cooperative Environments Monica Tudora.
URSA: Providing Ubiquitous and Robust Security Support for MANET
An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.
KAIS T Scalable Key Management for Secure Multicast Communication in the Mobile Environment Jiannong Cao, Lin Liao, Guojun Wang Pervasive and Mobile Computing.
Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.
1.1 Distributed and Collaborative Key Agreement Protocols with Authentication and Implementation for Dynamic Peer Groups Patrick Pak-Ching LEE.
Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Secure Group Communications Using Key Graphs Chung Kei Wong, Member, IEEE, Mohamed Gouda Simon S. Lam, Fellow, IEEE Evgenia Gorelik Yuksel Ucar.
Distributed Collaborative Key Agreement Protocols for Dynamic Peer Groups Patrick P. C. Lee, John C. S. Lui and David K. Y. Yau IEEE ICNP 2002.
A Secure Network Access Protocol (SNAP) A. F. Al Shahri, D. G. Smith and J. M. Irvine Proceedings of the Eighth IEEE International Symposium on Computers.
LPT for Data Aggregation in Wireless Sensor networks Marc Lee and Vincent W.S Wong Department of Electrical and Computer Engineering, University of British.
The Diffie-Hellman Algorithm Riley Lochridge April 11, 2003.
Group Key Distribution Chih-Hao Huang
Slide 1 Comparison of Inter-Area Rekeying Algorithms for Secure Mobile Group Communication C. Zhang*, B. DeCleene +, J. Kurose*, D. Towsley* * Dept. Computer.
Computer Science 1 CSC 774 Advanced Network Security Secure Group Communications Using Key Graphs Presented by: Siddharth Bhai 9 th Nov 2005.
Hierarchical agent-based secure and reliable multicast in wireless mesh networks Yinan LI, Ing-Ray Chen Robert Weikel, Virginia Sistrunk, Hung-Yuan Chung.
Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups David Insel John Stephens Shawn Smith Shaun Jamieson.
Overlay Network Physical LayerR : router Overlay Layer N R R R R R N.
Robust Sharing of Secrets when the Dealer Is Honest or Cheating Tal Rabin 1994 Brian Fry COEN
Secure Group Communication: Key Management by Robert Chirwa.
Project guide Dr. G. Sudha Sadhasivam Asst Professor, Dept of CSE Presented by C. Geetha Jini (07MW03)
Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.
Secure Group Communication Shaun Jamieson Shawn Smith John Stephens William Heinbockel.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Collusion-Resistant Group Key Management Using Attribute-
Content Addressable Network CAN. The CAN is essentially a distributed Internet-scale hash table that maps file names to their location in the network.
Cryptanalysis and Improvement of an Access Control in User Hierarchy Based on Elliptic Curve Cryptosystem Reporter : Tzer-Long Chen Information Sciences.
1 Distributed and Collaborative Key Agreement Protocols with Authentication and Implementation for Dynamic Peer Groups Patrick P. C. Lee.
A secure re-keying scheme Introduction Background Re-keying scheme User revocation User join Conclusion.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE 419/478 Applied Cryptography ADVANCED KEY ESTABLISHMENT AND GROUP KEY MANAGEMENT.
K-Anycast Routing Schemes for Mobile Ad Hoc Networks 指導老師 : 黃鈴玲 教授 學生 : 李京釜.
SAODV and Distributed Key Management Mark Guzman, Jeff Walter, Dan Bress, Pradhyumna Wani.
Optimal Batch Rekeying for Secure Group Communications in Wireless Networks Authors: Jin-Hee Cho, Ing-ray Chen, Mohamed Eltoweissy Presented by Niharika.
Group Key Distribution Xiuzhen Cheng The George Washington University.
R-Trees: A Dynamic Index Structure For Spatial Searching Antonin Guttman.
J.-H. Cho, I.-R. Chen, M. Eltoweissy ACM/Springer Wireless Networks, 2007 Presented by: Mwaffaq Otoom CS5214 – Spring © 2007 On optimal batch re-keying.
An Adaptive Protocol for Efficient & Secure Multicasting in Wireless LANS Sandeep Gupta & Sriram Cherukuri Arizona State University
Weichao Wang, Bharat Bhargava Youngjoo, Shin
A Dynamic Query-tree Energy Balancing Protocol for Sensor Networks H. Yang, F. Ye, and B. Sikdar Department of Electrical, Computer and systems Engineering.
Efficient Group Key Management in Wireless LANs Celia Li and Uyen Trang Nguyen Computer Science and Engineering York University.
Password-based user authentication and key distribution protocols for client-server applications Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal.
Algorithms and Techniques in Structured Scalable Peer-to-Peer Networks
MITRE 7 April 2009 CS 5214 Presenter: Phu-Gui Feng Performance Analysis of Distributed IDS Protocols for Mobile GCS Dr. Jin-Hee Cho, Dr. Ing-Ray Chen MITRE.
Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions.
1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.
Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:
KAIS T A Secure Group Key Management Scheme for Wireless Cellular Network Hwayoung Um and Edward J. Delp, ITNG’ Kim Pyung.
Dynamic Proxy Tree-Based Data Dissemination Schemes for Wireless Sensor Networks Wensheng Zhang, Guohong Cao and Tom La Porta Department of Computer Science.
Computer Science Authenticated Group Key Agreement and Friends Giuseppe Ateniese, Michael Stiener and Gene Tsudik Presented by Young Hee Park November.
Presented by Edith Ngai MPhil Term 3 Presentation
Qiong Zhang, Yuke Wang Jason P, Jue 2008
CSC 774 Advanced Network Security
Efficient State Update for Key Management
به نام آنکه هستی نام از او یافت
Date:2011/09/28 報告人:向峻霈 出處: Ren-Chiun Wang  Wen-Shenq Juang 
Design and Implementation of SUPnP Networks
Distributed security – Dynamic Group Key Management by Jaman Bhola
Key Management Protocols
Presentation transcript:

KAIS T Distributed Collaborative Key Agreement and Authentication Protocols for Dynamic Peer Groups IEEE/ACM Trans. on Netw., Vol. 14, No. 2, April 2006 Patrick P. C. Lee, at el. Hyeongseop Shim NS Lab, Div. of CS November 6, 2007

2 / 21 Contents Introduction Tree-Based Group Diffie-Hellman (TGDH) Protocol Interval-Based Distributed Rekeying Algorithms Rebuild Algorithm Batch Algorithm Queue-Batch Algorithm Performance Evaluation Authenticated TGDH Conclusion

3 / 21 Introduction Emergence of group-oriented distributed applications Necessity to provide group communication privacy Distributed group key group key agreement Comparison with centralized group key management No centralized key server Increase in system reliability

4 / 21 TGDH Protocol (1/2) Key tree in tree-based group Diffie-Hellman protocol Blinded key BK v BK v = α Kv mod p Secret key K v K v = (BK 2v+1 ) K 2v+2 mod p = (BK 2v+2 ) K 2v+1 mod p = α K 2v+1 K 2v+2 mod p Secret key at a leaf node is selected randomly Every member M i can compute the keys along its key path to the root Sponsor Responsible for updating keys held by the new or departed member Rightmost member under the subtree rooted at the sibling of the join and leave nodes

5 / 21 TGDH Protocol (2/2) Rekeying operation Single leave Single join

6 / 21 Interval-Based Rekeying Algorithms (1/4) Overview Constant rekeying frequency regardless of the dynamic join and leave Delay of the update of the group key Tradeoff of weakening both backward and forward secrecy Proposed algorithms Rebuild algorithm Batch algorithm Queue-batch algorithm

7 / 21 Interval-Based Rekeying Algorithms (2/4) Rebuild algorithm Reconstructs the whole key tree with the remaining and joining members Resulting tree is a left-complete tree

8 / 21 Interval-Based Rekeying Algorithms (3/4) Batch algorithm L > J > 0 J > L > 0

9 / 21 Interval-Based Rekeying Algorithms (4/4) Queue-batch algorithm Reduces rekeying load by pre-processing the joining members Two phases Queue-subtree phase Queue-merge phase

10 / 21 Performance Evaluation (1/6) Mathematical analysis Two performance measures Number of exponentiation operations Number of renewed nodes Average numbers of exponentiation (J = 128 / 256 / 384) Average number of renewed nodes (J = 128 / 256 / 384)

11 / 21 Performance Evaluation (2/6) Experiment 1 Comparison between individual and interval-based rekeying

12 / 21 Performance Evaluation (3/6) Experiment 2 Average number of exponentiation (P J = 0.25 / 0.5 / 0.75) Average number of renewed nodes (P J = 0.25 / 0.5 / 0.75)

13 / 21 Performance Evaluation (4/6) Experiment 3 Instantaneous number of exponentiation (P J = P L = 0.25 / 0.5 / 0.75) Instantaneous number of renewed nodes (P J = P L = 0.25 / 0.5 / 0.75)

14 / 21 Performance Evaluation (5/6) Experiment 4 Performance of Queue-batch at different reset intervals (P J = 0.5) Reconstruction of the key tree using Rebuild every T R rekeying intervals Robustness in maintaining a relatively balanced tree

15 / 21 Performance Evaluation (6/6) Experiment 5 Average number of rounds (P J = 0.25 / 0.5 / 0.75) Period during which the group members compute the secret key as far up the key tree as they can

16 / 21 Authenticated TGDH (1/5) Overview Provides key authentication for interval-based algorithms Basic idea To couple the session-based group key with the certified permanent private components of the group members Two types of keys Short-term secret and blinded keys Long-term private and public keys Satisfies Perfect forward secrecy Known-key security Key authentication

17 / 21 Authenticated TGDH (2/5) Notations Secret key K v Blinded key BK v Blinded key set BK v ’ Set of BK v ’s respectively encrypted by the long-term private key of every descendant of the sibling of the node v Set of descendants of node v, M v ith member, M i, holds Short-term secret key r Mi, and blinded key α r Mi mod p Long-term private key x Mi, and public key α x Mi mod p Two-party, two-pass AK protocol M1M1 M2M2 α r M1 α r M2 Compute (α x M2 ) r M1 * (α r M2 ) r M1 +x M1 = α r M1 r M2 +r M1 x M2 +r M2 x M1 Compute (α x M1 ) r M2 * (α r M1 ) r M2 +x M2 = α r M1 r M2 +r M1 x M2 +r M2 x M1

18 / 21 Authenticated TGDH (3/5) A-TGDH protocol Association of a node v with K v and BK v ’ Case 1) v is a nonleaf node with child nodes 2v+1 and 2v+2 Case 2) v is a leaf node associated with member M i

19 / 21 Authenticated TGDH (4/5) How A-TGDH works After rekeying, nodes 0, 1 and 2 are renewed 1. Secrete keys of nodes 1 and 2 are computed K 1 = α r M1 r M2 +r M1 x x2 +r M2 x M1 K 2 = α r M3 r M4 +r M3 x x4 +r M4 x M3 2. Sponsor M 1 broadcasts α K 1 x M3 and α K 1 x M4 Sponsor M 2 broadcasts α K 2 x M1 and α K 2 x M2 3. M 1 and M 2 can retrieve α K 2 from α K 2 x M1 and α K 2 x M2 M 3 and M 4 can retrieve α K 1 from α K 1 x M3 and α K 1 x M4 4. Members can compute K 0 = α K 1 K 2 +K 1 (x M3 +x M4 )+K 2 (x M1 +x M2 )

20 / 21 Authenticated TGDH (5/5) Comparison between nonauth and auth Queue-batch (P j = 0.25)

21 / 21 Conclusion Interval-based distributed rekeying algorithms Rebuild Batch algorithm Queue-batch algorithm Evaluation of interval-based algorithms Authenticated group key agreement protocol

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.