Published by Marshall Owen. Modified over 9 years ago.
1
On optimal batch re-keying for secure group communications in wireless networks
J.-H. Cho, I.-R. Chen, M. Eltoweissy
ACM/Springer Wireless Networks, 2007
Presented by: Mwaffaq Otoom
CS5214 – Spring © 2007
2
Agenda
Introduction
Contributions
System model and assumptions
Threshold-based batch re-keying
Performance model
Numerical results and analysis
Conclusions
Future work
3
Introduction
Cost-effective secure group communication
–Symmetric key - group key
Dynamic group
–Forward secrecy
–Backward secrecy
Re-keying
–Individual re-keying
–Periodic batch re-keying
4
Contributions
Develops new threshold-based batch rekeying schemes.
Identifies an optimal rekey interval for each scheme that would minimize the communication cost per join/leave operation while satisfying secrecy and delay constraints.
Measures performance metrics for finding an optimal batch rekey interval using SPN models.
5
System Model & Assumptions
Central key distribution server.
–Key tree based on LKH, why?
Inter-arrival times of join and leave requests are exponentially distributed with rates λ and µ, respectively, why?
A user cannot join the group unless it is authorized by the server.
–Trusted/untrusted join/leave.
6
Threshold-based periodic batch rekeying
The behavior of periodic batch rekeying schemes can be described by a state machine with a 3-component state representation (a, b, c):
–a: number of trusted join requests
–b: number of trusted leave requests
–c: number of untrusted leave requests
7
Threshold-based periodic batch rekeying
Threshold-based batch rekeying schemes:
–Untrusted Leave Threshold-based (ULT)
–Trusted and Untrusted Double Threshold-based (TAUDT)
–Join and Leave Double Threshold-based (JALDT)
8
Threshold-based periodic batch rekeying
Probability of trustworthiness (P_t) is given in all three schemes.
Only untrusted leave requests need to be considered by the key server.
9
Threshold-based periodic batch rekeying
Application-specific constraints:
–P_v: probability of (forward) secrecy violation
–D: delay incurred due to periodic batch rekeying
10
Threshold-based periodic batch rekeying
The key server applies the following procedure when performing a rekeying operation at the end of each batch interval:
–if a > b+c, then the server will process b+c join-leave request pairs before processing a – (b+c) join requests;
–if a = b+c, then the server will process b+c join-leave request pairs;
–if a < b+c, then the server will process a join-leave
A new join member can take the place of a leave member in the key tree.
–The server only needs to generate new keys along the paths of the leave members and give the new keys to the new join member.
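The pairing step above, worked through on a key tree as an added example (not code from the slides or the paper). It assumes a binary LKH tree with heap indexing; `batch_rekey` and `path_to_root` are hypothetical names, and the placement of extra joins and the handling of unmatched leaves are assumptions marked in the comments. It compares the keys regenerated for one batch with the count if every request were rekeyed on its own.

```python
def path_to_root(leaf):
    """Key-encryption-key nodes above a leaf (heap indexing, root = 1)."""
    nodes, node = [], leaf // 2
    while node >= 1:
        nodes.append(node)
        node //= 2
    return nodes


def batch_rekey(slots, capacity, joins, leaves):
    """Process one batch; slots maps leaf index -> member, updated in place.

    joins  : the a join requests
    leaves : the b + c leave requests (trusted and untrusted handled alike)
    Returns (tree nodes needing new keys, key count if rekeyed per request).
    """
    by_member = {m: s for s, m in slots.items()}
    vacated = [by_member[m] for m in leaves]
    for s in vacated:
        del slots[s]
    touched = list(vacated)                 # every leave path gets new keys
    for member, s in zip(joins, vacated):   # join-leave pairs reuse the slot
        slots[s] = member
    # a > b+c. ASSUMPTION: each extra join takes the lowest free leaf.
    free = (s for s in range(capacity, 2 * capacity) if s not in slots)
    for member in joins[len(vacated):]:
        s = next(free)
        slots[s] = member
        touched.append(s)
    # a < b+c. ASSUMPTION: unmatched leave slots simply stay vacant.
    rekey = set()
    for s in touched:
        rekey.update(path_to_root(s))
    depth = len(path_to_root(capacity))
    return rekey, depth * (len(joins) + len(leaves))


if __name__ == "__main__":
    # Constructed batch on the slides' group size N = 1024; 24 free leaves.
    capacity = 1024
    slots = {capacity + i: f"m{i}" for i in range(1000)}
    leaves = [f"m{i}" for i in range(0, 40, 2)]   # b + c = 20
    joins = [f"j{i}" for i in range(25)]          # a = 25
    rekey, individual = batch_rekey(slots, capacity, joins, leaves)
    print(f"batch: {len(rekey)} keys, per-request: {individual} keys")
```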
11
Performance model Notation
12
Performance model (ULT)
The average batch rekey interval in ULT (T)
For ULT, the state of the system representation at the end of each batch rekeying interval
13
Performance model (ULT)
The total communication overhead bits (C_m) in ULT
Average communication overhead delay for batch rekey (S_cm)
14
Performance model (ULT)
Average communication overhead delay per join/leave (S) in ULT
Average probability of secrecy violation (P_v) in ULT
The delay per join/leave operation (D) in ULT
15
Performance Model
For TAUDT and JALDT, there are too many states, so an SPN model is developed to measure the performance metrics.
16
Performance Model
18
Average communication overhead delay per join/leave (S):
Average probability of secrecy violation (P_v):
19
Performance Model
The delay per join/leave operation (D):
20
Numerical results and analysis
Constants:
–Number of members in the group (N) is set to 1024
–The length of each key (J) is 64 bits
–Average overhead for broadcasting (T_b) is 5 msec
–Network bandwidth (BW) is 1 Mbps
Variables:
–Ratio of the arrival rate of join requests to the arrival rate of leave requests (λ : µ)
–Probability of trustworthiness (P_t)
21
Numerical results and analysis
34
Conclusions
An optimal rekeying interval (T) exists under each of these schemes.
By varying the P_v and (λ : µ), TAUDT is able to produce the minimum S and the maximum T.
As P_t increases, minimum S decreases and T increases.
As µ increases, minimum S increases and optimal T decreases.
35
Future work
Analyzing the effects of insider attacks and intrusion detection system design on the security and performance properties of group communications in wireless systems.
Adding reliability and availability to the SPN model.
Investigating the issue of optimal batch rekeying for the case in which a group consists of multiple subgroups.
36
Questions Thank you