Presentation is loading. Please wait.

Presentation is loading. Please wait.

NSF Faculty Career Award

Published byJosephine Goodman Modified over 6 years ago

Similar presentations

Presentation on theme: "NSF Faculty Career Award"— Presentation transcript:

1 NSF Faculty Career Award 00-93187
Explicit Design of Sub-Linear Trees with Pre-specified Key Update Communication Bound Mingyan Li Radha Poovendran Department of Electrical Engineering University of Washington, Seattle, USA Work Supported by NSF Faculty Career Award Acknowledgment: Dr. Eric J. Harder

2 Mingyan Li and Radha Poovendran
Outline Motivation Key Management Problem Logical Key Hierarchy; One-way Function Tree Tradeoff between Key Update Communication and Storage Hybrid Tree Optimization Problem Design Solutions and Algorithm Numerical Comparison Conclusions We focus on point-to-multipoint multicast.? To control access, symmetric keys protocols are used. An efficient way to deliver identical data to all group memebers is for the group owner to use a single cryptophic key and symmetric key encryption to encrypt and transmit the data. 08/07/2001 Mingyan Li and Radha Poovendran

3 Mingyan Li and Radha Poovendran
Motivation Many real-time network applications involve group communications, e.g., video conferencing When an identical message is to be sent to multiple receivers, multicast is suitable. Sender resources saved Network resources saved Our research focuses on point-to-multiplepoint multicast Sender Receivern Receiver2 Receiver1 Sender Receivern Receiver2 Receiver1 Unicast Multicast We focus on point-to-multipoint multicast.? To control access, symmetric keys protocols are used. An efficient way to deliver identical data to all group memebers is for the group owner to use a single cryptophic key and symmetric key encryption to encrypt and transmit the data. 08/07/2001 Mingyan Li and Radha Poovendran

4 Key Management— Review
Cryptography is one approach to secure multicast. Every group memeber shares the same Session Encryption Key (SEK) SEK has to be updated whenever there is a change in membership (addition/deletion of member(s)) Key Encryption Keys (KEK) are used to encrypt and transmit updated SEK to valid members. Key management problem How to ensure that only valid members have an access to SEK at any given time instance Key management problem reduces to How to distribute KEKs so that all valid members can be securely reached and updated with the new SEK 08/07/2001 Mingyan Li and Radha Poovendran

5 Logical Key Hierarchy (LKH) (with 8 members)
Ko M1 M2 M5 M4 M3 M6 M7 M8 Keys Assigned to M1 Member Leaf Node Root Node M1: {K0, K1.1, K2.1, K3.1} Height: h= logaN (a: the degree) Group size N=8 Virtual/logic key hierarchy/Tree? Each member is uniquely assigned to a leaf node A KEK is assigned to every node A member is assigned the keys from root to its leaf node Storage of KEKs Group controller (GC): Member: Update Comm. : 08/07/2001 Mingyan Li and Radha Poovendran

6 One-Way Function Tree (OFT) (with 4 members)
Member M1 is assigned {K2.1, g(K2.2), g(K1.2)} K0= f(g(K1.1), g(K1.2)) Root Node Height: h= logaN (a: the degree) K1.1= f(g(K2.1), g(K2.2)) K1.2= f(g(K2.3), g(K2.4)) Leaf Node K2.1 K2.2 K2.3 K2.4 Member M1 M2 M3 M4 Each member is assigned to a leaf node Every node x has two keys, unblinded key Kx and blinded key Kx’ =g(Kx ) Leaf keys: generated by the GC Internal keys: K=f(g(Kchild1),…, g(Kchilda)) A member is assigned the unblinded leaf key and the blinded keys of the siblings of nodes in the key path from leaf to root Storage of KEKs GC: Member: Update Comm. : Virtual/logic key hierarchy/Tree? 08/07/2001 Mingyan Li and Radha Poovendran

7 LKH and OFT: Similarity and Difference
Both have a tree structure The height of the tree determines user storage and key update communication related to as Keys on LKH are independent, while keys on OFT are related by one-way function The GC storage LKH: , all the keys of a tree are stored OFT: N, only the leaf keys are stored; The storage is independent of the tree degree a Key update communication OFT trades user computation for the reduction in rekey messages by a factor when compared with LKH 08/07/2001 Mingyan Li and Radha Poovendran

8 Minimal Key Storage Scheme
Each member shares a KEK with the GC Storage GC: O(2) = seed r + SEK Member: 2 keys = KEK + SEK Key update communication (N-1) when a member leave r Seed Leaf Node K1 K2 KN M1 ... M2 MN Member Title “One key management scheme” or “A minimal key management scheme” number of unit message, linearly proportional to number of encryptions; Communication under member deletion is usually more expensive than communication under member join, so we focus on communication member deletion only. To evaluate a key management scheme: Storage Communication Key Update Communication Linear increase i: member index N: group size Group Size N 08/07/2001 Mingyan Li and Radha Poovendran

9 Tradeoff between communication and storage
We want optimal tradeoff between storage and update communication, under suitable conditions Storage Ideal operating region Update Communication How to relate this tradeoff to a logical tree algorithm? 08/07/2001 Mingyan Li and Radha Poovendran

10 Hybrid Tree of Canetti (with 24 members, cluster size of 3)
Keys assigned to M1: {K0, K1.1, K2.1, K3.1, K1} Ko Root Node h= loga(N/M) K1.1 K1.2 ... K2.1 K2.4 Leaf Node ... K3.1 K3.2 K3.7 K3.8 K4 M4 K5 K6 M5 M6 K22 M22 K23 K24 M23 M24 K1 K2 K3 M1 M2 M3 ... Member Cluster Size M=3 Group Size N=24 There are N/M clusters Group is divided into clusters of size M Each cluster is uniquely assigned to a leaf node Within a cluster, a minimal storage scheme is used 08/07/2001 Mingyan Li and Radha Poovendran

11 Canetti’s Examples of Hybrid Schemes
General M,a Example 1 Example 2 User Storage 2 Center Storage Communication To Design a Tree, choose parameters M and a. 08/07/2001 Mingyan Li and Radha Poovendran

12 Mingyan Li and Radha Poovendran
Our Formulation Given Prespecified update communication value, design an optimal hybrid tree —compute the value of cluster size M 08/07/2001 Mingyan Li and Radha Poovendran

13 Mingyan Li and Radha Poovendran
Use of Hybrid Tree Storage of GC: Storage(tree)+Storage(cluster) LKH-GC: OFT-GC: Update communication under member deletion: Comm(tree) + Comm(cluster) LKH-Comm: OFT-Comm: Binary OFTs, i.e., a=2, lead to least key update communication for a member addition/deletion How to find optimal cluster size M to minimize the storage of GC while the update communication is upper bounded by with being a scalar factor? 08/07/2001 Mingyan Li and Radha Poovendran

14 Optimization of Hybrid Tree
Optimization problem (structurally LKH and OFT have same form) LKH: OFT: Storage is a monotonically decreasing function w.r.t. M, the largest value of M satisfying the communication constraint will be the solution. Solve for M by where the communication scale factor 08/07/2001 Mingyan Li and Radha Poovendran

15 Design Solution of Cluster Size M
The 1st order approximation of the optimal M Design Procedure Given a, N, and  Compute M using (*) Build hybrid tree of degree a The asymptotic storage when M is optimal 08/07/2001 Mingyan Li and Radha Poovendran

16 Numerical Comparison for LKH for the case
(Degree a, Group Size N) # of Keys in GC by LKH # of Keys in GC by Hybrid LKH Storage reduction Comm. increase (2, 210) 2047 444 78.3% 1.7% (2, 220) 226920 89.2% 13.2% (3, 210) 1535 370 75.9% 3.4% (4, 210) 1365 345 74.7% (4, 220) 176490 87.4% 08/07/2001 Mingyan Li and Radha Poovendran

17 Numerical Comparison for OFT for the case
(Degree a, Group Size N) # of Keys in GC by OFT # of Keys in GC by Hybrid OFT Storage Reduction Comm. increase (2, 210) 1024 205 80.0% 31.4% (2, 220) 104858 90.0% 45.4% (3, 210) 325 68.3% 19.1% (4, 210) 410 60.0% 11.6% (4, 220) 209715 23.9% 08/07/2001 Mingyan Li and Radha Poovendran

18 Mingyan Li and Radha Poovendran
Conclusions An explicit design procedure for a given communication budget is presented for hybrid tree schemes (hybrid LKH, hybrid OFT). The reduction in storage of GC from O(N) to O(N/logN) is proved. More details of our work in CISS’01 handout Future Work?? 08/07/2001 Mingyan Li and Radha Poovendran

Download ppt "NSF Faculty Career Award"

Similar presentations

Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.

Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.
ECE 250 Algorithms and Data Structures Douglas Wilhelm Harder, M.Math. LEL Department of Electrical and Computer Engineering University of Waterloo Waterloo,

ECE 250 Algorithms and Data Structures Douglas Wilhelm Harder, M.Math. LEL Department of Electrical and Computer Engineering University of Waterloo Waterloo,
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang

1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on.
Multicast in Wireless Mesh Network Xuan (William) Zhang Xun Shi.

Multicast in Wireless Mesh Network Xuan (William) Zhang Xun Shi.
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
Optimal Communication Complexity of Generic Multicast Key Distribution Saurabh Panjwani UC San Diego (Joint Work with Daniele Micciancio)

Optimal Communication Complexity of Generic Multicast Key Distribution Saurabh Panjwani UC San Diego (Joint Work with Daniele Micciancio)
Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.

Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.
1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.

Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 22 Introduction to Computer Networks.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 22 Introduction to Computer Networks.
Cache Placement in Sensor Networks Under Update Cost Constraint Bin Tang, Samir Das and Himanshu Gupta Department of Computer Science Stony Brook University.

Cache Placement in Sensor Networks Under Update Cost Constraint Bin Tang, Samir Das and Himanshu Gupta Department of Computer Science Stony Brook University.
Secure Group Communications Using Key Graphs Chung Kei Wong, Member, IEEE, Mohamed Gouda Simon S. Lam, Fellow, IEEE Evgenia Gorelik Yuksel Ucar.

Secure Group Communications Using Key Graphs Chung Kei Wong, Member, IEEE, Mohamed Gouda Simon S. Lam, Fellow, IEEE Evgenia Gorelik Yuksel Ucar.
Distributed Collaborative Key Agreement Protocols for Dynamic Peer Groups Patrick P. C. Lee, John C. S. Lui and David K. Y. Yau IEEE ICNP 2002.

Distributed Collaborative Key Agreement Protocols for Dynamic Peer Groups Patrick P. C. Lee, John C. S. Lui and David K. Y. Yau IEEE ICNP 2002.
Multicast Security May 10, 2004 Sam Irvine Andy Nguyen.

Multicast Security May 10, 2004 Sam Irvine Andy Nguyen.
Group Key Distribution Chih-Hao Huang

Group Key Distribution Chih-Hao Huang
Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups David Insel John Stephens Shawn Smith Shaun Jamieson.

Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups David Insel John Stephens Shawn Smith Shaun Jamieson.
Topology aggregation and Multi-constraint QoS routing Presented by Almas Ansari.

Topology aggregation and Multi-constraint QoS routing Presented by Almas Ansari.
Overlay Network Physical LayerR : router Overlay Layer N R R R R R N.

Overlay Network Physical LayerR : router Overlay Layer N R R R R R N.

Similar presentations

Ads by Google