Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups David Insel John Stephens Shawn Smith Shaun Jamieson.

Slides:

Advertisements

Similar presentations

Chapter 5: Tree Constructions

Advertisements

COL 106 Shweta Agrawal, Amit Kumar

A Survey of Key Management for Secure Group Communications Celia Li.

1 AVL Trees. 2 AVL Tree AVL trees are balanced. An AVL Tree is a binary search tree such that for every internal node v of T, the heights of the children.

AVL Trees1 Part-F2 AVL Trees v z. AVL Trees2 AVL Tree Definition (§ 9.2) AVL trees are balanced. An AVL Tree is a binary search tree such that.

1 AVL Trees (10.2) CSE 2011 Winter April 2015.

Chapter 4: Trees Part II - AVL Tree

AVL Trees COL 106 Amit Kumar Shweta Agrawal Slide Courtesy : Douglas Wilhelm Harder, MMath, UWaterloo

B+-Trees (PART 1) What is a B+ tree? Why B+ trees? Searching a B+ tree

KAIS T Distributed Collaborative Key Agreement and Authentication Protocols for Dynamic Peer Groups IEEE/ACM Trans. on Netw., Vol. 14, No. 2, April 2006.

AA Trees another alternative to AVL trees. Balanced Binary Search Trees A Binary Search Tree (BST) of N nodes is balanced if height is in O(log N) A balanced.

Balanced Search Trees. 2-3 Trees Trees Red-Black Trees AVL Trees.

B-Trees. Motivation for B-Trees Index structures for large datasets cannot be stored in main memory Storing it on disk requires different approach to.

Data Structures and Algorithms1 B-Trees with Minimum=1 2-3 Trees.

Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.

Distributed Collaborative Key Agreement Protocols for Dynamic Peer Groups Patrick P. C. Lee, John C. S. Lui and David K. Y. Yau IEEE ICNP 2002.

Other time considerations Source: Simon Garrett Modifications by Evan Korth.

Course Review COMP171 Spring Hashing / Slide 2 Elementary Data Structures * Linked lists n Types: singular, doubly, circular n Operations: insert,

Trees and Red-Black Trees Gordon College Prof. Brinton.

B + -Trees (Part 1). Motivation AVL tree with N nodes is an excellent data structure for searching, indexing, etc. –The Big-Oh analysis shows most operations.

B-Trees. CSM B-Trees 2 Motivation for B-Trees So far we have assumed that we can store an entire data structure in main memory What if we have so.

P2P Course, Structured systems 1 Introduction (26/10/05)

Binary Trees – Part I CS 367 – Introduction to Data Structures.

Binary Trees Chapter 6.

CSC 213 – Large Scale Programming. Today’s Goals  Review a new search tree algorithm is needed  What real-world problems occur with old tree?  Why.

CPSC 335 BTrees Dr. Marina Gavrilova Computer Science University of Calgary Canada.

IntroductionIntroduction  Definition of B-trees  Properties  Specialization  Examples  2-3 trees  Insertion of B-tree  Remove items from B-tree.

More Trees Multiway Trees and 2-4 Trees. Motivation of Multi-way Trees Main memory vs. disk ◦ Assumptions so far: ◦ We have assumed that we can store.

Storage CMSC 461 Michael Wilson. Database storage  At some point, database information must be stored in some format  It’d be impossible to store hundreds.

Searching: Binary Trees and Hash Tables CHAPTER 12 6/4/15 Nyhoff, ADTs, Data Structures and Problem Solving with C++, Second Edition, © 2005 Pearson Education,

Lecture 10 Trees –Definiton of trees –Uses of trees –Operations on a tree.

B-Trees. CSM B-Trees 2 Motivation for B-Trees So far we have assumed that we can store an entire data structure in main memory What if we have so.

Secure Group Communication Shaun Jamieson Shawn Smith John Stephens William Heinbockel.

Chapter 6 Binary Trees. 6.1 Trees, Binary Trees, and Binary Search Trees Linked lists usually are more flexible than arrays, but it is difficult to use.

Binary Trees, Binary Search Trees RIZWAN REHMAN CENTRE FOR COMPUTER STUDIES DIBRUGARH UNIVERSITY.

© 2006 Pearson Addison-Wesley. All rights reserved13 B-1 Chapter 13 (continued) Advanced Implementation of Tables.

Beyond (2,4) Trees What do we know about (2,4)Trees? Balanced

Chapter 13 B Advanced Implementations of Tables – Balanced BSTs.

Content Addressable Network CAN. The CAN is essentially a distributed Internet-scale hash table that maps file names to their location in the network.

CSCE 3110 Data Structures & Algorithm Analysis AVL Trees Reading: Chap. 4, Weiss.

Data Structures Balanced Trees 1CSCI Outline  Balanced Search Trees 2-3 Trees Trees Red-Black Trees 2CSCI 3110.

2-3 Trees, Trees Red-Black Trees

B + -Trees. Motivation An AVL tree with N nodes is an excellent data structure for searching, indexing, etc. The Big-Oh analysis shows that most operations.

A secure re-keying scheme Introduction Background Re-keying scheme User revocation User join Conclusion.

2-3 Tree. Slide 2 Outline  Balanced Search Trees 2-3 Trees Trees.

Starting at Binary Trees

© 2010 Pearson Addison-Wesley. All rights reserved. Addison Wesley is an imprint of CHAPTER 12: Multi-way Search Trees Java Software Structures: Designing.

The School of Electrical Engineering and Computer Science (EECS) CS/ECE 419/478 Applied Cryptography ADVANCED KEY ESTABLISHMENT AND GROUP KEY MANAGEMENT.

Chapter 2: Basic Data Structures. Spring 2003CS 3152 Basic Data Structures Stacks Queues Vectors, Linked Lists Trees (Including Balanced Trees) Priority.

SAODV and Distributed Key Management Mark Guzman, Jeff Walter, Dan Bress, Pradhyumna Wani.

CE 221 Data Structures and Algorithms Chapter 4: Trees (Binary) Text: Read Weiss, §4.1 – 4.2 1Izmir University of Economics.

CS 61B Data Structures and Programming Methodology Aug 7, 2008 David Sun.

1 Chapter 7 Objectives Upon completion you will be able to: Create and implement binary search trees Understand the operation of the binary search tree.

Binary Search Trees (BSTs) 18 February Binary Search Tree (BST) An important special kind of binary tree is the BST Each node stores some information.

Rooted Tree a b d ef i j g h c k root parent node (self) child descendent leaf (no children) e, i, k, g, h are leaves internal node (not a leaf) sibling.

BATON A Balanced Tree Structure for Peer-to-Peer Networks H. V. Jagadish, Beng Chin Ooi, Quang Hieu Vu.

1 Joe Meehean. A A B B D D I I C C E E X X A A B B D D I I C C E E X X  Terminology each circle is a node pointers are edges topmost node is the root.

CMSC 202, Version 5/02 1 Trees. CMSC 202, Version 5/02 2 Tree Basics 1.A tree is a set of nodes. 2.A tree may be empty (i.e., contain no nodes). 3.If.

1 Binary Search Trees  Average case and worst case Big O for –insertion –deletion –access  Balance is important. Unbalanced trees give worse than log.

1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.

Trees By JJ Shepherd. Introduction Last time we discussed searching and sorting in a more efficient way Divide and Conquer – Binary Search – Merge Sort.

More Trees. Outline Tree B-Tree 2-3 Tree Tree Red-Black Tree.

B+-Tree Deletion Underflow conditions B+ tree Deletion Algorithm

Multiway Search Trees Data may not fit into main memory

(edited by Nadia Al-Ghreimil)

CSC 774 Advanced Network Security

Group Key Management Scheme for Simultaneous Multiple Groups with Overlapped Membership Andrew Moore 9/27/2011.

(edited by Nadia Al-Ghreimil)

Distributed security – Dynamic Group Key Management by Jaman Bhola

Combinatorial Optimization of Multicast Key Management

Presentation transcript:

Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups David Insel John Stephens Shawn Smith Shaun Jamieson

Outline Algorithm Join: a new member is added to the group Merge: a subgroup is added to the group Leave:a member is removed from the group Partition: a subgroup is split from the group Key Refresh:The group key is updated Tree Management

Algorithm Each member note is a Leaf in the tree, and is connected by an intermediate node. for each member, there is a public (blinded) key and a private key the public key would be calculated by using a modular function such as Diffie-Hellman public key = f( private key ) for each pair of nodes connected by an intermediate node, a given member can calculate a key for the intermediate node by using that member's key and the other node's public key using the given function: key = ( public key ) ^ ( private key ) mod p where 'p' is some prime by applying this to the node path up to the root, a given member can calculate an overall group key for security purposes, this group key is then hashed, and then used to encrypt the transmission also for security purposes, at lease one member needs to change their key so the group key is different for each transmission

Join Steps: 1. new member sends a join request message containing his blind key 2. Determine the insertion node to be either 2a) rightmost leave node in the subtree in an unbalanced tree or 2b) joining the root node 3. The sponsor (the one that the new member will "attach to") creates a new intermediate node to separate itself from the insertion point 4. The new intermediate node is promoted to become the parent of the sponsor and the new node 5. New member is added to tree and group key is regenerated using new set of blind keys. 6. Sponsor broadcasts the new key to the group.

Merge Merge protocol: A group merge is basically a multiple node addition. It can be voluntary or involuntary, and may be the result of 'network fault heal' or an 'explicit (application-driven) merge'. Step1: The sponsor (the rightmost node) of each group broadcasts its tree information (blinded keys) to the other group. Step2: Once received, each group member can uniquely and independently determine the merge position of the tree. Step2a: If the trees are the same height they merge at the root. An 'insertion node' is generated with the two former root nodes as its children Step2b: If the trees are not the same height the insertion node is the rightmost shallowest node, where the join doesn't increase the height of the tree. If such a join point cannot be found merge at the root as described in 2a.

Leave The leaving node is removed from the tree Any siblings are promoted to replace the node’s parent node The sponsor picks a new secret share Then the sponsor computes all keys on its path up to the root Finally the new set of blinded keys is broadcast to the group

Partition Protocol: 1. Every member updates its tree by deleting all partitioned members and their respective parent nodes. This is done in the following manner: a. All leaving nodes are sorted in order of depth. b. Starting at the deepest level, each pair of siblings is collapsed into its parent and marked as leaving. c. The node is then moved to the "leaving nodes" list. d. Steps b & c are repeated for all leaving nodes. e. For each [parent] node in the "leaving nodes" list, one of their children is not leaving. f. For each node, a sponsor is identified and using the LEAVE PROTOCOL, they are removed. 2. Each sponsor computes the keys and blinded keys on its key-path as far up the tree as possible. 3. Each sponsor broadcasts the set of new blinded keys. 4. Upon reception of the broadcast, each member checks to see whether the message contains a new blinded key. 5. Steps 2-4 are repeated until all members obtain the group key (the group key can be computed if the member has all the blinded keys on its co-path). 6. To prevent from re-using an old key, one of the members changes its key share. 7. Each member detects the end of the partition protocol independently - it is complete once the member knows all the blinded keys (and thus can compute the group key).

Key Refresh Basically a special case of leave Right most member leaves and Re-joins Could be considered a null leave

Tree Management As a special note balanced trees are desired. The modular exponentiation used in TGHD can be quite expensive. Moreover, the number of these exponentiations for membership events varies, depending on the tree structure. Examples: Joining at the root requires exactly two modular exponentiations. A join to a leaf node requires [log2 n] where n is the current number of users. This shows that joining at the root always requires the minimal number of exponentiations for additive membership operations. However, if n members join to the root, then the tree becomes unbalanced (similar to linked lists). And IF a member in the deepest node leaves the group, n- 1 exponentiations are required. Conversely, if a key tree is fully balanced the number of exponentiations is [log2 n]. All this being said, a well-balanced tree reduces the cost of leaves. And thus the reason this protocol chooses the insertion to be the right most shallowest node which does not increase the height