slide 1 Comparison of Inter-Area Rekeying Algorithms for Secure Mobile Group Communication C. Zhang*, B. DeCleene +, J. Kurose*, D. Towsley* * Dept. Computer Science University of Massachusetts/Amherst Amherst MA USA + ALPHATECH Burlington MA USA Performance 2002 in Rome

slide 2 Overview  introduction: hierarchical key management in a mobile environment  four key management algorithms  performance models  results  summary

slide 3 Scenario:  many mobile nodes requiring encrypted communication  symmetric data key used for encryption  rekey when member joins domain (backward confidentiality)  rekey when member leaves domain (forward confidentiality) Scalable, Secure Group Management Q: How to perform scalable rekeying given mobility? DKD … … AKD 1AKD 3 AKD 7AKD 8

slide 4 AKD 1AKD 3 AKD 7AKD 8 Efficient, scalable, secure group management  Hierarchical key distribution: domain divided into areas  area key distributor (AKD) distributes data key within area  per-area key to encrypt rekeying within area  exploit multicast communication within area DKD … … transfer leave join  Q: key management given mobility in/out/among areas

slide 5 Overview  introduction: hierarchical key distribution in a mobile environment  four key management algorithms  performance models  results  summary and future work

slide 6 SR: Static Rekeying  inter-AS communication during rekeying: inter-AS multicast AKD Static (SR)  node always belongs to same area move data key AS 1 AS 2  performance degradation: multiple data keys sent to an AS ( …)

slide 7 BR: Baseline Rekeying Baseline Rekeying (BR)  AS = area  move between ASs = transition between areas AKD join transfer leave data key AS 2 AS 1  inter-area-transfer implemented as domain leave/join  domain leave: area key rekey, data key rekey  domain join : area key rekey, data key rekey

slide 8 IR: Immediate Rekeying Immediate Rekeying (IR)  no data key rekeying during transition  area keys ( ) are rekeyed  credentials passed between AKDs to implement transfer of security relationship AKD data key AS 2 AS 1 join transfer leave

slide 9 FEDRP: First Entry Delayed Rekey (Periodic) First Entry Delayed Rekey (FEDRP)  area key rekeyed only on first entry to area and domain leave holding the area key AKD data key AS 2 AS 1 transfer  periodic rekey (optional): bound outside member area key holding time  no area key rekey for visit other than 1 st time  no area key rekeying when transferring out  mobile holds area keys while moving within domain

slide 10 Overview  introduction: hierarchical key distribution in a mobile environment  four key management algorithms  performance models  results  summary and future work

slide 11 Analysis Overview Performance metrics:  communication:  key-related msg rate within AS i  key-related msg rate out of AS i  computation: area key rekey rate  security: #(area keys) held by area member Modeling approach:  M areas  Poisson arrivals ( ) of new members to domain  exponential sojourn time within AS  inter-AS member mobility: Markov process

slide 12 Analysis Details  model each AS as M/M/ ∞ queue  1/  i (i  {1,…,M}) : average sojourn time in AS i per visit  state i (i  {1,…,M}) : inside domain, in AS i state M+1: outside domain  P = [p i,j ] (i,j  {1,…,M+1}) : state transition probability   = [  i ] (i  {1,…,M}) : area key periodic rekey interval (FEDRP)  compute occupancy probabilities for AS i  achieve performance metric of interest

slide 13 Analysis Summary:  SR, BR, IR  closed form solutions  FEDRP  further assumptions needed: (domain leave and period rekey) area rekeying is Poisson  solved as a fixed point problem  validated by DaSSF simulator

slide 14 Overview  introduction: hierarchical key distribution in a mobile environment  four key management algorithms  performance models  results  summary

slide 15 Message Rate within an AS FEDRP(1/δ=0): smallest msg rate, except with high mobility M=16, =100, 1/  = 1, HOMOGEMEOUS 10m 100m 1km Foot Urban HWY FootUrban HWY Foot Urban

slide 16 Message Rate out of an AS SR: higher inter-AS communication

slide 17 Area Key Rekey Rate FEDRP: rekey rate bounded by 2 +1/  i 1200=2* =2* =2*100+0

slide 18 Average #Area Keys held by a member FEDRP: # area keys held small except with high mobility

slide 19 same trend as homogeneous case small difference among areas Heterogeneous Case : 2D Random Walk  thus far: “transporter” mobility model - member can move directly from any AS to any other AS  2D random walk: only move to neighboring AS IR FEDRP AB BC BA CB BC AB CB BA

slide 20 Summary performance analysis of four inter-area rekey algorithms addressing the mobility issue  analytic performance models  modeling heterogeneous mobility such as “2D random walk”  FEDRP has lowest communication costs, and low computation costs  FEDRP allows to hold small number of area keys  SR performs better in highly mobile scenarios  cost: higher inter-AS communication

slide 21 Thanks

slide 22 Applications  large scale military  law enforcement  disaster recovery  business

slide 23 Future Work  data throughput  impact of loss and latency  authentication overhead  effect of LKH

slide 24 Thanks