
Slide 1: Comparison of Inter-Area Rekeying Algorithms for Secure Mobile Group Communication
C. Zhang*, B. DeCleene+, J. Kurose*, D. Towsley*
* Dept. Computer Science, University of Massachusetts/Amherst, Amherst MA USA
+ ALPHATECH, Burlington MA USA
Performance 2002 in Rome

Slide 2: Overview
- introduction: hierarchical key management in a mobile environment
- four key management algorithms
- performance models
- results
- summary

Slide 3: Scalable, Secure Group Management
Scenario:
- many mobile nodes requiring encrypted communication
- symmetric data key used for encryption
- rekey when member joins domain (backward confidentiality)
- rekey when member leaves domain (forward confidentiality)
Q: How to perform scalable rekeying given mobility?
[Figure labels: DKD; AKD 1, AKD 3, AKD 7, AKD 8]

Slide 4: Efficient, scalable, secure group management
- Hierarchical key distribution: domain divided into areas
- area key distributor (AKD) distributes data key within area
- per-area key to encrypt rekeying within area
- exploit multicast communication within area
- Q: key management given mobility in/out/among areas
[Figure labels: DKD; AKD 1, AKD 3, AKD 7, AKD 8; transfer, leave, join]

Slide 5: Overview
- introduction: hierarchical key distribution in a mobile environment
- four key management algorithms
- performance models
- results
- summary and future work

Slide 6: SR: Static Rekeying
Static (SR)
- inter-AS communication during rekeying: inter-AS multicast
- node always belongs to same area
- performance degradation: multiple data keys sent to an AS ( …)
[Figure labels: AKD; move; data key; AS 1, AS 2]

Slide 7: BR: Baseline Rekeying
Baseline Rekeying (BR)
- AS = area
- move between ASs = transition between areas
- inter-area transfer implemented as domain leave/join
- domain leave: area key rekey, data key rekey
- domain join: area key rekey, data key rekey
[Figure labels: AKD; join, transfer, leave; data key; AS 1, AS 2]

Slide 8: IR: Immediate Rekeying
Immediate Rekeying (IR)
- no data key rekeying during transition
- area keys ( ) are rekeyed
- credentials passed between AKDs to implement transfer of security relationship
[Figure labels: AKD; join, transfer, leave; data key; AS 1, AS 2]

Slide 9: FEDRP: First Entry Delayed Rekey (Periodic)
First Entry Delayed Rekey (FEDRP)
- area key rekeyed only on first entry to area and domain leave holding the area key
- periodic rekey (optional): bound outside member area key holding time
- no area key rekey for visit other than 1st time
- no area key rekeying when transferring out
- mobile holds area keys while moving within domain
[Figure labels: AKD; transfer; data key; AS 1, AS 2]
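
An added example (not from the presentation) that replays a constructed join/transfer/leave trace and counts area-key and data-key rekeys under the four algorithms as slides 6 to 9 describe them. Assumptions: periodic FEDRP rekeying is off, IR rekeys both the departed and the entered area key, a FEDRP domain leave rekeys every area whose key the leaver holds, and domain join/leave rekeys the data key in every scheme; the trace format and function names are hypothetical.

```python
from collections import Counter

# Constructed trace: (event, member, area). "join"/"leave" are domain events;
# "move" is an inter-area transfer into `area`.
TRACE = [
    ("join", "m1", "A"), ("move", "m1", "B"), ("move", "m1", "A"),
    ("move", "m1", "B"), ("join", "m2", "B"), ("move", "m2", "C"),
    ("leave", "m1", None), ("leave", "m2", None),
]

def count_rekeys(algorithm, trace):
    """Count 'area' and 'data' key rekeys for SR, BR, IR or FEDRP.

    Only rekey events are counted; SR's inter-AS multicast message cost
    is not modelled here.
    """
    n = Counter(area=0, data=0)
    held = {}  # member -> set of area keys the member holds (used by FEDRP)
    for event, member, area in trace:
        if event == "join":
            held[member] = {area}
            n["area"] += 1  # entered area is rekeyed (backward confidentiality)
            n["data"] += 1
        elif event == "leave":
            # FEDRP: every area key still held by the leaver must change.
            n["area"] += len(held.pop(member)) if algorithm == "FEDRP" else 1
            n["data"] += 1  # forward confidentiality
        elif algorithm == "SR":
            continue        # member always belongs to its original area
        elif algorithm == "BR":
            n["area"] += 2  # transfer = domain leave + domain join
            n["data"] += 2
        elif algorithm == "IR":
            n["area"] += 2  # old and new area keys; data key untouched
        elif algorithm == "FEDRP" and area not in held[member]:
            held[member].add(area)
            n["area"] += 1  # first entry only; revisits cost nothing
    return dict(n)

def compare(trace):
    """Rekey counts for all four algorithms on the same trace."""
    return {a: count_rekeys(a, trace) for a in ("SR", "BR", "IR", "FEDRP")}

if __name__ == "__main__":
    for name, counts in compare(TRACE).items():
        print(f"{name:6s} area={counts['area']:2d} data={counts['data']:2d}")
```
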

Slide 10: Overview
- introduction: hierarchical key distribution in a mobile environment
- four key management algorithms
- performance models
- results
- summary and future work

Slide 11: Analysis Overview
Performance metrics:
- communication: key-related msg rate within AS i; key-related msg rate out of AS i
- computation: area key rekey rate
- security: #(area keys) held by area member
Modeling approach:
- M areas
- Poisson arrivals ( ) of new members to domain
- exponential sojourn time within AS
- inter-AS member mobility: Markov process

Slide 12: Analysis Details
- model each AS as M/M/∞ queue
- 1/ i (i  {1,…,M}): average sojourn time in AS i per visit
- state i (i  {1,…,M}): inside domain, in AS i
- state M+1: outside domain
- P = [p_{i,j}] (i,j  {1,…,M+1}): state transition probability
-  = [ i ] (i  {1,…,M}): area key periodic rekey interval (FEDRP)
- compute occupancy probabilities for AS i
- achieve performance metric of interest

Slide 13: Analysis Summary
- SR, BR, IR: closed form solutions
- FEDRP: further assumptions needed: (domain leave and periodic rekey) area rekeying is Poisson
- solved as a fixed point problem
- validated by DaSSF simulator

Slide 14: Overview
- introduction: hierarchical key distribution in a mobile environment
- four key management algorithms
- performance models
- results
- summary

Slide 15: Message Rate within an AS
- FEDRP(1/δ=0): smallest msg rate, except with high mobility
[Plot: M=16, =100, 1/  = 1, homogeneous; axis labels: 10m, 100m, 1km; Foot, Urban, HWY]

Slide 16: Message Rate out of an AS
- SR: higher inter-AS communication

Slide 17: Area Key Rekey Rate
- FEDRP: rekey rate bounded by 2 +1/ i
[Plot annotations: 1200=2*100+1000; 300=2*100+100; 200=2*100+0]

Slide 18: Average #Area Keys held by a member
- FEDRP: # area keys held small except with high mobility

Slide 19: Heterogeneous Case: 2D Random Walk
- thus far: “transporter” mobility model: member can move directly from any AS to any other AS
- 2D random walk: only move to neighboring AS
- same trend as homogeneous case
- small difference among areas
[Plot labels: IR, FEDRP; AB, BC, BA, CB]

Slide 20: Summary
Performance analysis of four inter-area rekey algorithms addressing the mobility issue
- analytic performance models
- modeling heterogeneous mobility such as “2D random walk”
- FEDRP has lowest communication costs, and low computation costs
- FEDRP lets members hold a small number of area keys
- SR performs better in highly mobile scenarios
- cost: higher inter-AS communication

Slide 21: Thanks

Slide 22: Applications
- large scale military
- law enforcement
- disaster recovery
- business

Slide 23: Future Work
- data throughput
- impact of loss and latency
- authentication overhead
- effect of LKH

Slide 24: Thanks

