Presentation is loading. Please wait.

Presentation is loading. Please wait.

Optimal Batch Rekeying for Secure Group Communications in Wireless Networks Authors: Jin-Hee Cho, Ing-ray Chen, Mohamed Eltoweissy Presented by Niharika.

Published byGrace Hopkins Modified over 9 years ago

Similar presentations

Presentation on theme: "Optimal Batch Rekeying for Secure Group Communications in Wireless Networks Authors: Jin-Hee Cho, Ing-ray Chen, Mohamed Eltoweissy Presented by Niharika."— Presentation transcript:

1 Optimal Batch Rekeying for Secure Group Communications in Wireless Networks Authors: Jin-Hee Cho, Ing-ray Chen, Mohamed Eltoweissy Presented by Niharika Gujarati and Sindhu Motupalli

2 Agenda Introduction and previous work System model and assumptions Threshold-based periodic batch rekeying Performance model Numerical results and analysis Conclusion

3 1.Group Communication Applications inherently based on group communication. Wireless networks –Network functionality –Assure confidentiality, authenticity and intergrity User = End-user / network node.

4 Symmetric key Group key shared by members. Group key dist by key server. Dedicated key server or existing server employed Multiple key servers can co-exist in clustered network. Group key used to encrypt and decrypt messages only by group members.

5 Forward secrecy - Group key management property that ensures that an intruder that knows a contiguous subset of old group keys cannot identify subsequent group keys. Backward secrecy - Group key management property that ensures that an intruder that knows a subset of group keys cannot discover previous group keys

6 Individual Rekeying Performs a rekey operation for every join or leave. Not scalable because of significant communication overhead. Synchronization difficult to maintain. To Remedy – periodic batch rekeying

7 Periodic Batch Rekeying Joins and leaves aggregated. Rekeying done only periodically. Thus communication overhead is reduced when compared to individual rekeying. Improves efficiency and reduces out-of sync problem. Consequence – forward and backward secrecy not strictly satisfied.

8 Contributions of paper. Develops new threshold-based batch rekeying schemes. Finding an optimal rekey interval to reduce communication costs while maintaining intergrity. SPN model to measure performance metrics.

9 2.System Model and Assumption

10 KS maintains a key tree based on LKH (logical key hierarchy) protocol.

11 Each node – cryptographic sym key KS connects each member with one tree node Each node knows all keys from leaf to root node

12 No other nodes’ keys are known This key set is called key path Root node key plays as group key Example : key path of M 2 is K 5, K 2 and K 1.

13 When member joins, KS sends all the keys in keypath Msg length – k(2log 2 (N) -1) When member leaves, KS updates all the keys in the key path Msg length – 2klog 2 (N) k – length of key N - number of members Therefore each updates’ msg length is logarithimic in no of group members.

14 Assume periodic batch rekeying is used User cannot join without authorisation, ie; no Untrusted Joins. Leaves can be Trusted or Untrusted. Trusted leave - User voluntarily leaves the group. Untrusted leave – User is evicted from the group. if rekeying doesn’t take place immediately after an untrusted leave it will result in a period of security vulnerability.

15 Probability of trustworthiness. P t = number of trusted leave oprns total number of trusted and untrusted leaves Data is periodically collected by the KS

16 3.Threshold-based periodic batch rekeying Based on notion of thresholds that govern the max number of leave and join requests to be accumulated beyond which rekeying is done Rekeying scheme using only one threshold k3 Rekeying schemes using two thresholds k1 and k2

17 This scheme identifies the set of states in which rekeying is performed thus implicitly determining time between two rekeying oprns. State machine with 3 component state representation ( a, b, c) a  number of trusted join requests. b  number of trusted leave requests. c  number of untrusted leave requests.

18 Threshold based rekeying ULT Untrusted Leave Threshold Based TAUDT Trusted and Untrusted Double Threshold based JALDT Join and Leave Double Threshold based

19 ULT One Threshold k3 that guards only untrusted leave K3  number of untrusted leave requests ( state variable “c”) Special case k3=1, individual rekeying is used. Used as a baseline to compare other two schemes.

20 TAUDT Two thresholds k1 and k2. k1  number of trusted requests : a + b state variables k2  number of untrusted leave requests : c state variable

21 JALDT Two thresholds k1 and k2. k1  number of trusted join requests : state variable a k2  number of trusted and untrusted leaves : b + c state variables.

22 Rekeying Only at the end of the batch interval T

23 Two application specific constraints are Probability of secrecy violation P v –Proportion of time with secrecy violation risk –Only forward secrecy Delay D –Latency per join or leave request (the same) –Joins and leaves are not distinguished as they are aggregated. Optimal batch rekeying interval (T) – interval in which overhead is minimised while satisfying P v and D

24 Simple optimization feature used to reduce communication overhead New join member can take the place of leave member in a key tree. Thus for each join-leave pairs, KS only generates new keys along the keypath and a new key to the new member.

25 KS applies following procedure while rekeying. if a > b+c, then the server will process b+c join-leave request pairs before processing a – (b+c) join requests; if a = b+c, then the server will process b+c join-leave request pairs; if a < b+c, then the server will process a join-leave

26 Performance Model

27 For ULT we derive analytical closed from solution Average Batch Rekey interval T = = average inter-arrival ime of untrusted leave requests

28 Thus at end of each batch rekeying the state variables have the values…

29 The communication overhead bits C m is calc as

30 S cm is the communication overhead T b is overhead for broadcast Thus S cm is calculated as the sum of this overhead and packet transmission time. S cm = T b + C m / BW

31 Average communication overhead per join or leave S = S cm a + b + c Probability of secrecy violation is the propotion of time in which fwd secrecy has been violated P v = [ (k3-1) / k3 ] * T + S cm (T + S cm )

32 Delay per join / leave D = S + T/2 T/2 = average wait time for batch rekeying for an operation S = average communication overhead per join/ leave Calculated D is almost the same as resp time per operation

33 For TAUDT and JALDT there are too many states to yield closed-form analytical expressions, hence the use of SPN model.

34 Places tmp is a temporary place holder not corresponding to any state component just to hold newly arriving leave requests.

35 Transitions

36 Arcs

37 Firing Rule for any of the transactions in the model –There are atleast m tokens in each of its input places connected by an input arc of multiplicity m –The associate enabling function of that transaction

38 when trusted join arrives-token in “a” Modelled by transition T1 with rate λ * P t because there are no untrusted joins, only trusted ones.

39 Any leave – token in tmp Modelled by T2 with rate µ If leave trusted go to “b” with immediate transition (T4) rate of P t. If untrusted go to “c” with immediate transition rate (T5) of 1 – P t.

40 For both schemes rekeying is performed when rekeying condition is satisfied. Modelled by using an enabling function that has to be satisfied to fire the transition T3.

41 Enbling function for T3 TAUDT  if mark(a) + mark(b) = k1 or if mark(c) = k2 then true else false JALDT  if mark(a) = k1 or if mark(b) + mark(c) = k2 then true else false

42 Enabling functions

43

44 Average communication overhead –R = Set of rekeying states – P(i) = The steady-state probability of the system being in state i. The Secrecy of Violation: –V denotes the set of states in which mark(c)>0 –r i = 1

45 To obtain T, convert all rekeying states to absorbing states. Assign a reward value of 1 to all states other than absorbing states. T is computed as expected cumulative reward until absorption.

46 Numerical results and analysis Analyze numerical results obtained from applying mathematical models developed for ULT, TAUDT and JALDT. Following system parameters are used: number of members in the group (N) = 1024 length of each key (J) is 64 bits Tb = 5 msec bandwidth (BW) is 1 Mbps

47 ULT Analysis Baseline scheme which TAUDT and JALDT will be compared against. Assumed - λ: μ = 1: 0.5 and Pt = 0.9 D is Delay k3 increases  D increases Hence takes more time to accumulate “c” to reach the threshold Pv is Secrecy Voilation k3 increases  c increases When k3 = 0  Pv = 0

48 The optimal batch rekey interval (T) is the interval at which the overhead is minimized while satisfying the two application-level constraints T = 1 μ(1 − P t ) × k3 At D= 5, P v =.05, k3 = 1 T = 6.67 seconds

49 TAUDT Analysis Two thresholds – k1 number of trusted requests (a+b)and k2 number of untrusted requests (c). K1 increases  Pv increases since high threshold means more states voilated secrecy requirement. As K2 increases, Pv increases too, until k2 reaches a threshold ( k2 > 2). D increases as k1 increases and k2 increases. K2 not significant as k1 due to high Pt used.

50 As k1 increases, S decreases since aggregating join and leave events reduces rekeying overhead S is insensitive to incresing k2 since “c” is very small optimal batch rekey interval At D= 5, P v =.05  (k1,k2) = (16,1) T = 8.83 seconds

51 JALDT Analysis two thresholds - k1 number of join requests (a) and k2 the number of leave requests (b+c) Pv and D increase when either k1 or k2 increases

52 S decreases as both k1 and k2 increase because aggregating more join and leave events for a batch rekeying operation will amortize the cost per operation. optimal batch rekey interval At D= 5, P v =.05  (k1,k2) = (13,2) T = 3.96 seconds

53 Comparison Calculated Optimal batch rekey intervals : ULT 6.67 seconds TAUDT 8.83 seconds JALDT 3.96 seconds TAUDT has the highest optimal T JALDT shows the second highest optimal T, followed by ULT

54 TAUDT is able to produce the minimum S and the maximum T, which makes it the most efficient scheme among all.

55 Conclusion By varying the P v and (λ : µ), TAUDT is able to produce the minimum S and the maximum T. As P t increases, minimum S decreases and T increases. As µ increases, minimum S increases and optimal T decreases

56 Future Works Augment by taking reliability and availability considerations to the SPN model. Analyzing the effects of insider attacks and intrusion detection system design on the security and performance prosperities of group communications in wireless systems. Investing the issue of optimal batch rekeying for the case in which a group consists of multiple subgroups.

Download ppt "Optimal Batch Rekeying for Secure Group Communications in Wireless Networks Authors: Jin-Hee Cho, Ing-ray Chen, Mohamed Eltoweissy Presented by Niharika."

Similar presentations

Hierarchical Trust Management for Wireless Sensor Networks and its Applications to Trust-Based Routing and Intrusion Detection Presented by: Vijay Kumar.

Hierarchical Trust Management for Wireless Sensor Networks and its Applications to Trust-Based Routing and Intrusion Detection Presented by: Vijay Kumar.
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
HIERARCHY REFERENCING TIME SYNCHRONIZATION PROTOCOL Prepared by : Sunny Kr. Lohani, Roll – 16 Sem – 7, Dept. of Comp. Sc. & Engg.

HIERARCHY REFERENCING TIME SYNCHRONIZATION PROTOCOL Prepared by : Sunny Kr. Lohani, Roll – 16 Sem – 7, Dept. of Comp. Sc. & Engg.
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
1 Performance Char’ of Region- Based Group Key Management --- in Mobile Ad Hoc Networks --- by Ing-Ray Chen, Jin-Hee Cho and Ding-Chau Wang Presented by.

1 Performance Char’ of Region- Based Group Key Management --- in Mobile Ad Hoc Networks --- by Ing-Ray Chen, Jin-Hee Cho and Ding-Chau Wang Presented by.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
Presented By- Sayandeep Mitra 13000110043 7 TH SEMESTER Sensor Networks(CS 704D) Assignment.

Presented By- Sayandeep Mitra TH SEMESTER Sensor Networks(CS 704D) Assignment.
Playback delay in p2p streaming systems with random packet forwarding Viktoria Fodor and Ilias Chatzidrossos Laboratory for Communication Networks School.

Playback delay in p2p streaming systems with random packet forwarding Viktoria Fodor and Ilias Chatzidrossos Laboratory for Communication Networks School.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.
LOGO Multi-user Broadcast Authentication in Wireless Sensor Networks ICU 20082065 Myunghan Yoo.

LOGO Multi-user Broadcast Authentication in Wireless Sensor Networks ICU Myunghan Yoo.
MQ: An Integrated Mechanism for Multimedia Multicasting By De-Nian Yang Wanjiun Liao Yen-Ting Lin Presented By- Sanchit Joshi Roshan John.

MQ: An Integrated Mechanism for Multimedia Multicasting By De-Nian Yang Wanjiun Liao Yen-Ting Lin Presented By- Sanchit Joshi Roshan John.
Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)

Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
1 Complexity of Network Synchronization Raeda Naamnieh.

1 Complexity of Network Synchronization Raeda Naamnieh.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.

Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.
ZIGZAG A Peer-to-Peer Architecture for Media Streaming By Duc A. Tran, Kien A. Hua and Tai T. Do Appear on “Journal On Selected Areas in Communications,

ZIGZAG A Peer-to-Peer Architecture for Media Streaming By Duc A. Tran, Kien A. Hua and Tai T. Do Appear on “Journal On Selected Areas in Communications,
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.

Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.

Secure Data Communication in Mobile Ad Hoc Networks Authors: Panagiotis Papadimitratos and Zygmunt J Haas Presented by Sarah Casey Authors: Panagiotis.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Similar presentations

Ads by Google