Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions.

Published byMavis Newman Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions."— Presentation transcript:

1 Security Kim Soo Jin

2 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions

3 3 Background(1/3) Cryptosystem Secret key system (Private key system) AB Encryption Decryption

4 4 Background(2/3) Multicasting Key server Host – Individual Key Group multicasting

5 5 Background(3/3) Multicasting Key server Host – ”Group Key” * Secure group communication * Group multicasting

6 6 Introduction(1/2) If assuming the network infrastructure is insecure : Non-members can eavesdrop on the multicast group and store encrypted messages The members who have left the group can continue to decrypt messages New members can decrypt messages they had stored previously Need the “ Group re-keying ” during each membership change

7 7 Introduction(2/2) Point-to-point Point-to-multipoint Scalability problem of key management This paper ’ s algorithm Does not require router support Completely end-host based

8 8 Secure Multicast using Clustering Member hierarchy for Key distribution The procedure terminates when there is only a single member in any layer Cluster [ABC] Cluster [DEJF] Cluster [GHI] Cluster [CEH]

9 9 Secure Multicast using Clustering Layer Keys and Cluster Keys : Layer key Possessed by the group members in that specific layer Generated, on-demand, by a key-server Cluster key The leader of each cluster is responsible for generating the cluster key for that cluster A pair-wise key is shared between the cluster- leader and each member

10 10 Secure Multicast using Clustering Key Distribution Protocol (Example 1) Assuming the cluster size : 3~5 Multicast to all members in L1 encrypted by L1 layer key

11 11 Secure Multicast using Clustering Key Distribution Protocol (Example 2)

12 12 Example 2 cont.

13 13 Secure Multicast using Clustering Key Distribution Protocol (Example 2)

14 14 Spatial Clustering Clustering algorithm Member discovery protocol Clustering protocol

15 15 Spatial clustering Member discovery protocol Defines parent-child relationships among the different members of the multicast tree Focus on network layer multicast scheme that creates shared bi-directional trees (e.g.CBT) d(x,y) : distance between the members x and y, in router hops, then, y is considered to be parent of x, if and only if - d(S,y) d(S,x) (where, S is source) - z that satisfy d(y,x) d(z,x)

16 16 Spatial Clustering Member discovery protocol (Cont.) 1 2 34 5 3 4

17 17 Spatial Clustering Clustering protocol To create the clusters, the tree is logically traversed from the leaves upwards to the root. Whenever a set of members that fall within the size bounds is detected, they are grouped into a cluster. : subtree rooted at some node v, which cannot be joined to any cluster rooted at v, and has to be joined to a cluster that is rooted at a node upstream of node v Unstable subtree Cluster size : k~2k 3k/2 + 3k/4 = 9k/4 > 2k

18 18 Spatial Clustering Clustering protocol (Cont.)

19 19 Simulation Experiment Experiment setup Simulated network infrastructures that do support directed multicast → sender can multicast a packet to individual subtree(s) rooted at a specific router on the multicast delivery tree do not support directed multicast → using a different multicast address → Instead, using TTL-scoping : scoped multicast

20 20 Simulation Experiment Experimental methodology Key-normalized byte count The network overhead for re-keying at a single router assuming unit(1 byte) key size Packet load A counter of the # of packets processed by the routers on the multicast tree Storage and Processing Overhead The # of keys stored at each node and the # of cryptographic operation at each node

21 21 Simulation Experiment Spatial-i : i different multicast addresses → a simple decentralized address assignment scheme : each cluster picks one multicast address at random, independent of each other Spill over

22 22 Simulation Experiment

23 23 Simulation Experiment

24 24 Conclusions This paper ’ s algorithm Does not require router support Completely end-host based efficient in practice Directed multicast is an useful primitive for implementing many secure multicast schemes

25 25 References Suman Banerjee, Bobby Bhattacharjee,Scalable Secure Group Communication over IP Multicast I. Chang, R. Engel, D. Kandlur, D. Pendarakis, and D. Saha, Key management for secure internet multicast using boolean function minimization techniques. In Proceedings of Infocom, New York, March 1999 C.K. Wong, M. Gouda, and S. Lam. Secure group communications using key graphs. Proceedings of SIGCOMM, September 1998

Download ppt "Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions."

Similar presentations

Internet Indirection Infrastructure (i3 ) Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Surana UC Berkeley SIGCOMM 2002 Presented by:

Internet Indirection Infrastructure (i3 ) Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Surana UC Berkeley SIGCOMM 2002 Presented by:
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
Pastry Peter Druschel, Rice University Antony Rowstron, Microsoft Research UK Some slides are borrowed from the original presentation by the authors.

Pastry Peter Druschel, Rice University Antony Rowstron, Microsoft Research UK Some slides are borrowed from the original presentation by the authors.
A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.

A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.
Impact Analysis of Cheating in Application Level Multicast s 1090176 Masayuki Higuchi.

Impact Analysis of Cheating in Application Level Multicast s 1090176 Masayuki Higuchi.
Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison.

Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison.
Yan (Lindsay) Sun and K. J. Ray Liu IEEE/ACM Transactions on Networking, Dec. 2007. Presented by Seo Bon Keun, 2008.

Yan (Lindsay) Sun and K. J. Ray Liu IEEE/ACM Transactions on Networking, Dec Presented by Seo Bon Keun, 2008.
SCRIBE A large-scale and decentralized application-level multicast infrastructure.

SCRIBE A large-scale and decentralized application-level multicast infrastructure.
Ranveer Chandra , Kenneth P. Birman Department of Computer Science

Ranveer Chandra , Kenneth P. Birman Department of Computer Science
Optimal Communication Complexity of Generic Multicast Key Distribution Saurabh Panjwani UC San Diego (Joint Work with Daniele Micciancio)

Optimal Communication Complexity of Generic Multicast Key Distribution Saurabh Panjwani UC San Diego (Joint Work with Daniele Micciancio)
“Scalable and Topologically-aware Application-layer Multicast” 2004.1.29 Yusung Kim Korea Advanced Institute of Science and Technology.

“Scalable and Topologically-aware Application-layer Multicast” Yusung Kim Korea Advanced Institute of Science and Technology.
Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.

Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.
10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.

10/31/2007cs6221 Internet Indirection Infrastructure ( i3 ) Paper By Ion Stoica, Daniel Adkins, Shelley Zhuang, Scott Shenker, Sonesh Sharma Sonesh Sharma.
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.

Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
Network Layer4-1 Spanning trees r Suppose you have a connected undirected graph m Connected: every node is reachable from every other node m Undirected:

Network Layer4-1 Spanning trees r Suppose you have a connected undirected graph m Connected: every node is reachable from every other node m Undirected:
CS 268: Lecture 5 (Project Suggestions) Ion Stoica February 6, 2002.

CS 268: Lecture 5 (Project Suggestions) Ion Stoica February 6, 2002.
Internet Indirection Infrastructure Ion Stoica UC Berkeley.

Internet Indirection Infrastructure Ion Stoica UC Berkeley.
Scalable Application Layer Multicast Suman Banerjee Bobby Bhattacharjee Christopher Kommareddy ACM SIGCOMM Computer Communication Review, Proceedings of.

Scalable Application Layer Multicast Suman Banerjee Bobby Bhattacharjee Christopher Kommareddy ACM SIGCOMM Computer Communication Review, Proceedings of.
CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 22 Introduction to Computer Networks.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 22 Introduction to Computer Networks.
Secure Group Communications Using Key Graphs Chung Kei Wong, Member, IEEE, Mohamed Gouda Simon S. Lam, Fellow, IEEE Evgenia Gorelik Yuksel Ucar.

Secure Group Communications Using Key Graphs Chung Kei Wong, Member, IEEE, Mohamed Gouda Simon S. Lam, Fellow, IEEE Evgenia Gorelik Yuksel Ucar.

Similar presentations

Ads by Google