
A secure re-keying scheme


1 A secure re-keying scheme
Outline: Introduction, Background, Re-keying scheme, User revocation, User join, Conclusion

2 Introduction
Multicast is the preferred mode for group communication services.
A group key is known to all users in the group but unknown to non-group users, and this must continue to hold while the group membership changes.
A re-keying scheme is an algorithm that securely and efficiently updates the group key.

3 Background
Approaches to forming authorized subgroups:
– Broadcast encryption: enables a single source to securely broadcast to an arbitrary and dynamically changing subset of users.
– Secret sharing: requires a user to store only one key.
– Logical key hierarchy: uses a tree structure to update the group key in order to revoke or join users.

4 Re-keying scheme
Based on the logical key hierarchy approach.
Uses a one-way hash chain to generate all the keys of a user from a seed value.
$h^v(x)$, where $h()$ is a one-way hash function, denotes the one-way hash chain obtained by applying $h$ $v$ times to $x$: $h^v(x) = h(h(\dots h(x) \dots))$, with $h^0(x) = x$.

5 Model
$U$: the set of users. $GC$: the group controller.
Each user holds a unique set of keys; $K$ is the set of all keys in the system.
$M_i$: the set of users sharing the session key $K_{s_i}$ in session $i$.

6 Group operation
Re-keying consists of two group operations:
– User revocation: a subset of users $R_i$ is revoked from $M_i$, resulting in a new session with membership $M_{i+1} = M_i \setminus R_i$ sharing a new session key $K_{s_{i+1}}$.
– User join: a subset of users $J_i$ joins $M_i$, resulting in a new session with membership $M_{i+1} = M_i \cup J_i$ sharing a new session key $K_{s_{i+1}}$.

7 System operation
During the initial session, GC generates the keys $K$ and sends a subset of them to each user over a secure unicast channel.
In every subsequent session, GC sends a re-keying message over an insecure multicast channel. A user combines his set of keys with the re-keying message to compute the new session key $K_{s_{i+1}}$.

8 An LKH re-keying scheme
A logical key hierarchy (LKH) is a tree in which each node logically corresponds to a key and each leaf corresponds to a user. A user knows the keys of the nodes along the path from the user's leaf to the root.

9 A LKH re-keying scheme

10 Each node $w$ at level $l$ is given a label $I_w^{(l)}$ and a key $K_w^{(l)}$. Node labels are public and node keys are private. A user holds the set of node keys along his path. All users share the common root key $K_w^{(0)}$, which is the session key.

11 Re-keying algorithm for GC
GC chooses a random $b$-bit number $r$, where $b$ is the security parameter.
For level $l = s, \dots, 0$ and each node $w$ at level $l$ whose key is to be updated, GC replaces $K_w^{(l)}$ by $K'^{(l)}_w = h^{s-l}(r)$.
GC generates the re-keying message $M_{rkey}$; $E()$ denotes the encryption algorithm.

12 Re-keying algorithm for users
A user $U$ finds the nodes that are both in $N(U)$, his set of node keys, and in $M_{rkey}$.
The user decrypts the corresponding entry using his node key.
The user needs to update the key of node $I_w^{(y)}$ and of all its ancestors, i.e., $I_w^{(y-1)}, \dots, I_w^{(0)}$.
For level $l = y-1, \dots, 0$ and every such node, the user updates the node key. Since $K'^{(l)}_w = h^{s-l}(r) = h(h^{s-l-1}(r))$, each ancestor key is simply the hash of the key one level below: one decryption, then hashing up to the root.

13 System initialization
GC constructs a tree structure with $n_0$ leaves, gives a unique label to each node, attaches a randomly generated key to each node and assigns each leaf to a user.
GC publishes the tree structure on a public bulletin board and keeps all node keys secret.
GC sends to each user $U$ the set of node keys along the path from $U$'s leaf to the root over a secure unicast channel.

14 User revocation
Group controller:
1. Updates the tree structure.
2. Updates the session key $K_{s_i}$ to $K_{s_{i+1}}$ (updates the root key). All internal keys held by the users in $R_i$ need to be updated.
User:
1. Each affected user removes the redundant nodes and keys and rearranges the levels of the affected nodes and keys.
2. Each user receives the re-keying message and performs the re-keying scheme, obtaining the new session key.

15 User revocation


17 Suppose the node has been pruned. Nodes drawn with dashed lines have been rearranged to new levels.
Keys that require updating:
Re-keying:
Re-keying message:

18 User revocation
$U_1, U_2$: have , calculate .
$U_4$: has , and calculates .
$U_7, U_8$: have .
The session key is .

19 User join
Group controller:
1. Updates the tree structure.
2. Produces a randomly chosen key for each new leaf and associates each new user with a new leaf.
3. Updates the session key.
User:
1. Each new user performs the re-keying operation to obtain the updated keys and the new session key.
2. Each affected user adds the new nodes and rearranges the levels of the affected nodes and keys.
3. The remaining users perform the re-keying operation to update their keys and obtain the new session key.
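The GC and user algorithms of slides 11 and 12, driven through a revocation (slide 14) followed by a join (slide 19), as an added example that is not part of the presentation or of the Kurnio, Safavi-Naini and Wang paper. It uses a complete binary LKH of depth $s$: the GC sets every updated key to $h^{s-l}(r)$ and a remaining user decrypts once and hashes upward. Several details are this example's assumptions, not the slides': SHA-256 as $h()$, a nonce-XOR toy cipher as $E()$, node labels of the form (level, index), and the layout of $M_{rkey}$ (one entry per child of an updated node whose own key is not being replaced, encrypted under that child's key). The pruning and level rearrangement of the tree on slides 14 and 19 is not modelled; the freed leaf is simply reused.

```python
# Added example: hash-chain LKH re-keying. Assumptions: SHA-256 as h(), a toy
# nonce-XOR cipher as E(), complete binary tree of depth s, nodes labelled
# (level, index) with root (0, 0) and user leaves at level s.
import hashlib
import os

def h(x):
    """One-way hash h() of slide 4 (SHA-256 stands in)."""
    return hashlib.sha256(x).digest()

def h_chain(x, v):
    """h^v(x): h applied v times to x, with h^0(x) = x."""
    for _ in range(v):
        x = h(x)
    return x

def E(key, m):
    """Stand-in for E(): nonce || (m XOR SHA-256(key || nonce)); unauthenticated toy."""
    nonce = os.urandom(16)
    pad = hashlib.sha256(key + nonce).digest()
    return nonce + bytes(a ^ b for a, b in zip(m, pad))

def D(key, ct):
    pad = hashlib.sha256(key + ct[:16]).digest()
    return bytes(a ^ b for a, b in zip(ct[16:], pad))

def parent(node):
    return (node[0] - 1, node[1] // 2)

def path(leaf):
    """Leaf up to root, deepest first: the node set N(U) of the user at that leaf."""
    nodes = [leaf]
    while nodes[-1][0] > 0:
        nodes.append(parent(nodes[-1]))
    return nodes

class GroupController:
    def __init__(self, depth, occupied_leaves):
        self.s = depth
        self.keys = {}  # K_w^(l) for every node; labels are public, keys private
        for l in range(depth + 1):
            for i in range(2 ** l):
                if l < depth or i in occupied_leaves:
                    self.keys[(l, i)] = os.urandom(32)

    def initial_keys(self, leaf):
        return {n: self.keys[n] for n in path(leaf)}  # slide 13, via secure unicast

    def rekey(self, leaf):
        """Slide 11: K'^(l) = h^(s-l)(r) for every ancestor of leaf; each new key is
        encrypted under each child whose own key is not being replaced (assumed layout)."""
        r = os.urandom(32)
        updated = path(leaf)[1:]  # ancestors, levels s-1 down to 0
        for node in updated:
            self.keys[node] = h_chain(r, self.s - node[0])
        message = []
        for node in updated:
            for c in ((node[0] + 1, 2 * node[1]), (node[0] + 1, 2 * node[1] + 1)):
                if c not in updated and c in self.keys:
                    message.append((c, E(self.keys[c], self.keys[node])))
        return message

    def revoke(self, leaf):
        """Slide 14: drop the leaf key first so nothing is encrypted to the revoked user."""
        del self.keys[leaf]
        return self.rekey(leaf)

    def join(self, leaf):
        """Slide 19: fresh random leaf key (delivered by unicast), then re-key ancestors."""
        self.keys[leaf] = os.urandom(32)
        return self.rekey(leaf), self.keys[leaf]

def user_rekey(user_keys, message):
    """Slide 12: decrypt the entry keyed under a node in N(U), then hash upward, since
    K'^(l) = h(K'^(l+1)). Returns the new session key, or None if nothing matched."""
    for label, ct in message:
        if label in user_keys:
            node = parent(label)
            user_keys[node] = D(user_keys[label], ct)
            while node[0] > 0:
                user_keys[parent(node)] = h(user_keys[node])
                node = parent(node)
            return user_keys[(0, 0)]
    return None

def demo():
    """Revoke U3, then let U8 join at the freed leaf; report what each party ends up with."""
    gc = GroupController(depth=3, occupied_leaves=range(7))  # U1..U7 at leaves 0..6
    users = {"U%d" % (i + 1): gc.initial_keys((3, i)) for i in range(7)}
    k0 = gc.keys[(0, 0)]  # the root key is the session key
    msg = gc.revoke((3, 2))
    k1 = gc.keys[(0, 0)]
    remaining = [user_rekey(users[u], msg) for u in users if u != "U3"]
    revoked = user_rekey(users["U3"], msg)
    msg2, leaf_key = gc.join((3, 2))
    users["U8"] = {(3, 2): leaf_key}  # the new user starts with only its leaf key
    k2 = gc.keys[(0, 0)]
    after_join = [user_rekey(users[u], msg2) for u in users if u != "U3"]
    return {"remaining_agree": all(k == k1 for k in remaining),
            "revoked_locked_out": revoked is None and users["U3"][(0, 0)] == k0,
            "join_agree": all(k == k2 for k in after_join),
            "keys_distinct": len({k0, k1, k2}) == 3,
            "msg_lens": (len(msg), len(msg2))}
```

With depth 3 the revocation message carries three ciphertexts (one per tree level) and the join message four, independent of group size; the revoked user finds no entry it can decrypt and is left with the old root key, while the joining user holds only its fresh leaf key and so cannot reconstruct any earlier session key.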

20 User join


22 Suppose the node has been added. Nodes drawn with dashed lines have been rearranged to new levels.
Keys that require updating:
Re-keying:
Re-keying message:

23 User join
$U_6, U_9$: have , calculate .
$U_7, U_8, U_{10}$: have , and calculate .
$U_1, \dots, U_5$: have .
The session key is .

24 Conclusion
A re-keying scheme for multiple-user revocation and multiple-user join.
Employs a logical key hierarchy with a one-way hash chain to achieve higher efficiency.
The scheme satisfies forward secrecy, backward secrecy and forward-backward secrecy.

25 References
H. Kurnio, R. Safavi-Naini, H. Wang. A Secure Re-keying Scheme with Key Recovery Property. 7th Australasian Conference on Information Security and Privacy (ACISP 2002), LNCS 2384, pp. 40–55.
A. Perrig, D. Song, J. D. Tygar. ELK, a New Protocol for Efficient Large-Group Key Distribution. IEEE Symposium on Security and Privacy 2001, pp. 247–262.
H. Kurnio, R. Safavi-Naini, H. Wang. A Group Key Distribution Scheme with Decentralised User Join. Third Conference on Security in Communication Networks (SCN 2002), September 12–13, 2002.
D. Naor, M. Naor, J. Lotspiech. Revocation and Tracing Schemes for Stateless Receivers. Advances in Cryptology – CRYPTO 2001, LNCS 2139, pp. 41–62.

