Network Security in Ring Multicast


Diffie-Hellman Algorithm

1. A and B agree on a prime $q$ and a number $g$ with $1 < g < q$.
2. A and B choose private keys, $S_A$ and $S_B$.
3. A and B compute public keys: $K_A = g^{S_A} \bmod q$ and $K_B = g^{S_B} \bmod q$.
4. For A, $K = (K_B)^{S_A} \bmod q = g^{S_A S_B} \bmod q$. For B, $K = (K_A)^{S_B} \bmod q = g^{S_A S_B} \bmod q$.

Member Addition Protocol

e joins the multicast ring; d updates D to D'; the new key will be ABCD'E.

[Figure: ring of members a, b, c, d, e with numbered messages 1 to 5; an asterisk marks a member that now holds the key. Message labels: D', CD', BCD', ABCD'; E, D'E, CD'E, BCD'E; EA, D'EA, CD'EA; EAB, D'EAB; EABC.]

Member Exclusion Protocol

d leaves the multicast ring; c updates C to C'; the new key will be ABC'.

[Figure: ring of members a, b, c with numbered messages 1 and 2. Message labels: C', BC'; AC'.]

Mass Join Protocol

e and f join the group; e and f are chained in sequence; d updates D to D'; the new key is ABCD'EF.

[Figure: ring of members a, b, c, d, e, f with numbered messages 1 to 7. Message labels: D', CD', BCD', ABCD'; E, D'E, CD'E, BCD'E, ABCD'E; F, EF, D'EF, CD'EF, BCD'EF; AF, AEF, AD'EF, ACD'EF; ABF, ABEF, ABD'EF; ABCF, ABCEF; ABCD'F.]

Subgroup Exclusion Protocol

b and e leave the group; d updates D to D''; the new key is ACD''F.

[Figure: ring of members a, b, c, d, e, f with numbered messages 1 to 3. Message labels: D'', CD'', ACD''; D''F, CD''F; AD''F.]

Group Division Protocol

Run the subgroup exclusion protocol to form Group 1; run IKE to form Group 2.

[Figure: the ring a, b, c, d, e, f is split in two. Group 1 (a, b, c), formed by subgroup exclusion, message labels: C', BC'; AC'. Group 2 (d, e, f), formed by IKE, messages 1 to 4, message labels: D''; E'', D''E''; F'', E''F''; D''F''.]

Key Refresh with New word Policy

Packet format: Ko [F; 0; new; B'C, AB'C]. The fields are the packet data, the alternating bit, the indication that a new key is specified, and the new subkeys.

Key format: Ko is the old key; K_N is the new key.

b refreshes the key; F and G are packet data. Key refresh doesn't interrupt data flow.

[Figure: ring of members a, b, c, d with numbered messages 1 to 3. Packet labels: Ko [F;0;new;B',AB',AB'D]; Ko [F;0;new;B'C,AB'C]; Ko [F;0;new;B'CD]; K_N [G;1;-;-].]

Key Refresh with Transformation

Packet format: K [F; 0; from d; T_1]. The fields are the packet data, the alternating bit, the refreshing member, and the transformation.

Key format: K becomes T_1 K.

d refreshes the key; F and G are packet data; the new key is T_1 K. Key refresh doesn't interrupt data flow.

[Figure: ring of members a, b, c, d with numbered messages 1 to 3. Packet labels: K [F;0;from d;T_1]; K [G;1;from d;T_1]; T_1 K [G;1;-;-].]
Key Refresh with Transformations

Key format: K becomes TK, where T = T_A T_B T_C T_D.

d initiates the key refresh; each member contributes its own transformation; F, G and H are packet data. Key refresh doesn't interrupt data flow.

[Figure: ring of members a, b, c, d with numbered messages 1 to 7. Packet labels: K [F;0;from d;T_D]; K [G;1;from d;T_D,T_A]; K [G;1;from d;T_D,T_A,T_B]; K [G;1;from d;T_C,T_A,T_B]; K [G;1;from d;T_B,T_C]; K [H;0;from d;T_C]; TK [H;0;-;-].]

Multicast Network

Advantages:
Low network transmission overheads
High user scalability

Applications:
Stock quote services, Internet radio, video conferencing, pay-per-view TV

Concerns:
Backward/forward secrecy
Data confidentiality
Membership changes (dynamic groups)
Efficient key management scheme (key agreement, key refresh, etc.)

New word Policy in Ring Multicast

Station 1 is the source; N_1 is the new message; M_0 is the prior packet; X means transmission error; DC means "Don't Care". Station 1 resends N_1 when it sees M_0.

[Figure: stations 1 to 5 on the ring, showing which of N_1, M_0 or DC each station holds at successive steps, with X marking a transmission error.]

Secure Acknowledging Multicast (SAM)

Initial Key Establishment (IKE)

a is the source; b, c, d are receivers; the group key is ABCD. An asterisk denotes that the receiver now has the common secret key.

[Figure: ring of members a, b, c, d with numbered messages 1 to 6. Message labels: A; B, AB; C, BC, ABC; D, CD, BCD; AD, ACD; ABD.]

Notations: ABCD, AB, ABC, A

Conclusions

The SAM scheme achieves secure and efficient key agreement in a dynamic ring multicast network, covering initial key establishment, member addition, member exclusion, mass join, subgroup exclusion and group division. SAM provides both simple acknowledgement with the new-word policy and simple key refresh via transformations. Key refresh does not interrupt the data exchange and acknowledgement.

Thank you for stopping by! Any questions? Contact us via email:
John J. Metzner, metzner@cse.psu.edu
Yuexin Liu, yxl185@psu.edu

John J. Metzner, Yuexin Liu
Dept. of Computer Science and Engineering, The Pennsylvania State University
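
The Initial Key Establishment slide lists the messages A; B, AB; C, BC, ABC; D, CD, BCD; AD, ACD; ABD. The sketch below is an added example, not the authors' code, that replays that exchange for a ring of any size and checks that every member derives the same key. It assumes that a label such as ABC denotes g^(S_a S_b S_c) mod q, following the two-party Diffie-Hellman slide, and that the messages map to steps 1 to 6 in the order listed; the function name `ike_ring` and the values of `Q` and `G` are constructed for the demonstration.

```python
import secrets

Q = 2**127 - 1  # constructed demo prime (Mersenne); not a vetted DH group
G = 3           # constructed demo base with 1 < G < Q


def ike_ring(priv, q=Q, g=G):
    """Replay the ring exchange; return (key held by each member, messages sent).

    priv lists the members' private keys in ring order, source first.
    Assumption: the slide label "ABC" means g^(S_a*S_b*S_c) mod q.
    """
    n = len(priv)
    if n < 2:
        raise ValueError("need at least two members")
    keys = [None] * n

    # First pass (a -> b -> c ...): each member forwards its own public
    # value plus every received value raised to its private key,
    # e.g. c turns [B, AB] into [C, BC, ABC].
    msg = [pow(g, priv[0], q)]
    messages = [msg]
    for i in range(1, n - 1):
        msg = [pow(g, priv[i], q)] + [pow(x, priv[i], q) for x in msg]
        messages.append(msg)

    # Last member: the final element gives the key (ABC -> ABCD); the
    # rest, raised to its private key, go back to the source as D, CD, BCD.
    last = n - 1
    keys[last] = pow(msg[-1], priv[last], q)
    msg = [pow(g, priv[last], q)] + [pow(x, priv[last], q) for x in msg[:-1]]
    messages.append(msg)

    # Second pass (a, b, c ...): the last element is the one value missing
    # only this member's exponent; the others are raised and forwarded.
    for i in range(n - 1):
        keys[i] = pow(msg[-1], priv[i], q)
        msg = [pow(x, priv[i], q) for x in msg[:-1]]
        if msg:
            messages.append(msg)
    return keys, messages


if __name__ == "__main__":
    members = [2 + secrets.randbelow(Q - 3) for _ in "abcd"]
    keys, messages = ike_ring(members)
    print("all members agree:", len(set(keys)) == 1)
    print("values per message:", [len(m) for m in messages])
```

For four members this produces six messages carrying 1, 2, 3, 3, 2 and 1 values, matching the labels on the slide. The exchange shown carries no authentication of the senders.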

