Pairwise Key Agreement in Broadcasting Networks - 2005.11.11 - Ik Rae Jeong.

Slides:



Advertisements
Similar presentations
TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu.
Advertisements

The Diffie-Hellman Algorithm
Diffie-Hellman Diffie-Hellman is a public key distribution scheme First public-key type scheme, proposed in 1976.
Foundations of Cryptography Lecture 7 Lecturer:Danny Harnik.
Off-the-Record Communication, or, Why Not To Use PGP
An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.
A Survey of Key Management for Secure Group Communications Celia Li.
11 Efficient and Secure Certificateless Authentication and Key Agreement Protocol for Hybrid P2P Network Authors: Z. B. Xu and Z. W. Li Source: The 2nd.
1 CCSDS Security Architecture Key Management 13 th April 2005 Athens.
CS555Topic 191 Cryptography CS 555 Topic 19: Formalization of Public Key Encrpytion.
Tight Bounds for Unconditional Authentication Protocols in the Moni Naor Gil Segev Adam Smith Weizmann Institute of Science Israel Modeland Shared KeyManual.
Rennes, 23/10/2014 Cristina Onete Key-Exchange Protocols. Diffie-Hellman, Active Attacks, and TLS/SSL.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.
Eran Omri, Bar-Ilan University Joint work with Amos Beimel and Ilan Orlov, BGU Ilan Orlov…!??!!
Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.
Information Security for Sensors Overwhelming Random Sequences and Permutations Shlomi Dolev, Niv Gilboa, Marina Kopeetsky, Giuseppe Persiano, and Paul.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Establishment of Conference Keys in Heterogeneous Networks Wade Trappe, Yuke Wang, K. J. Ray Liu ICC IEEE International Conference.
Key Establishment Techniques: Key Distribution and Key Agreement
Slide 1 Vitaly Shmatikov CS 378 Key Establishment Pitfalls.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.
Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.
Public-Key Cryptography and RSA CSE 651: Introduction to Network Security.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
Adaptively Secure Broadcast, Revisited
Oblivious Signature-Based Envelope Ninghui Li, Stanford University Wenliang (Kevin) Du, Syracuse University Dan Boneh, Stanford University.
© UCL Crypto group Sep-15 A Security Analysis of Cliques Protocols Suites Olivier Pereira – Jean-Jacques Quisquater UCL Crypto Group.
Overview of Key Establishment Techniques: Key Distribution, Key Agreement and PKI Wade Trappe.
Key Agreement Guilin Wang School of Computer Science 12 Nov
Software Security Seminar - 1 Chapter 5. Advanced Protocols 조미성 Applied Cryptography.
Cryptography and Network Security (CS435) Part Eight (Key Management)
Presented by: Suparita Parakarn Kinzang Wangdi Research Report Presentation Computer Network Security.
CIST/ETRI/ISIT/KDDI/Kyusyu Univ./NICT Joint Research Workshop on Ubiquitous Network Security 2005 Verifier-Based Password-Authenticated Key Exchange Jeong.
PUBLIC-KEY CRYPTOGRAPH IT 352 : Lecture 2- part3 Najwa AlGhamdi, MSc – 2012 /1433.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Lecture 6.2: Protocols - Authentication and Key Exchange II CS 436/636/736 Spring 2012 Nitesh Saxena.
Digital Signatures, Message Digest and Authentication Week-9.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.
1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
1 Chapter 3-3 Key Distribution. 2 Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution.
Diffie-Hellman Key Exchange first public-key type scheme proposed by Diffie & Hellman in 1976 along with the exposition of public key concepts – note:
1 Diffie-Hellman (Key Exchange) Protocol Rocky K. C. Chang 9 February 2007.
Computer Science Authenticated Group Key Agreement and Friends Giuseppe Ateniese, Michael Stiener and Gene Tsudik Presented by Young Hee Park November.
Round-Efficient Multi-Party Computation in Point-to-Point Networks Jonathan Katz Chiu-Yuen Koo University of Maryland.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Doc.: IEEE /2539r0 Submission September 2007 Tony Braskich, MotorolaSlide 1 Overview of an abbreviated handshake with sequential and simultaneous.
Privacy & Security.
Public-Key Cryptography and RSA
Group theory exercise.
Cryptography Lecture 12.
Diffie-Hellman Secure Key Exchange 1976.
Recent developments in group key exchange
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
El Gamal and Diffie Hellman
Diffie-Hellman key exchange/agreement algorithm
Key Establishment Protocols ~
El Gamal and Diffie Hellman
Cryptography Lecture 11.
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Chapter 15 Key Management
Lecture 6.2: Protocols - Authentication and Key Exchange II
Presentation transcript:

Pairwise Key Agreement in Broadcasting Networks Ik Rae Jeong

Contents I.Security Notions of Key Exchange II.Type of Networks III.Key Agreement for Key Graphs

I.Security Notions of Key Exchange IA (Implicit Authentication) –Only a designated party can calculate the same session key. Dishonest parties can not get any information about the session key. KI (Key Independence) –security against Denning-Sacco attacks (known key attacks) –for the cases when other session keys are revealed FS (Forward Secrecy) –for the cases when long-term secrets are revealed

II.Types of Network half-duplex full-duplex 4 Rounds 2 Rounds Alice Bob Alice Bob

II.Types of Network Broadcasting Network Round 1 P1 P4 P3 P2 Round 2

DH (half-duplex) Alice Bob 2 Rounds

DH (full-duplex) Alice Bob 1 Round

Session Identifier The unique string per session Used to define matching session in the definition of security of key exchange In the full-duplex channel: the message concatenation by the ordering of owners

III. Key Agreement for Key Graphs We have constructed more efficient key exchange schemes which provides pairwise key exchange between parties via randomness re-use technique.

Sequential Key Exchange between Parties P1 P4P3 P2

Concurrent Key Exchange between Parties P1 P4P3 P2

Motivation How do we efficiently do concurrent execution of the two-party key exchange scheme ?

Our Results An efficient one-round key exchange scheme providing key independence in the standard model A two-round key exchange scheme providing forward secrecy in the standard model

Key Graph for Session keys (1) P1 P4 P3 P2 G={V,E} V={P1,P2,P3,P4} E={(P1,P2),(P1,P3),(P1,P4)} G={V,E} V={P1,P2,P3,P4} E={(P1,P2),(P2,P3),(P3,P4), (P4,P1)} P1 P4 P3 P2

Key Graph for Session keys (2) G={V,E} V={P1,P2,P3,P4} E={(P1,P2),(P1,P3), (P2,P4), (P2,P5), (P3,P6), (P3,P7)} G={V,E} V={P1,P2,P3,P4} E={(P1,P2),(P1,P3),(P1,P4), (P2,P3),(P2,P4),(P3,P4)} P1 P4 P3 P2 P1 P4 P3P2 P5 P6 P7

Key Exchange Model for Key Graphs Broadcasting network Several session keys in a single session

One-Round Two-Party Diffie- Hellman Key Exchange P1 P2

One-Round Concurrent Key Exchange using Two-Party Key Exchange P1 P4P3 P2 P1 requires three random values.

One-Round Concurrent Key Exchange using randomness re-use technique P1 P4P3 P2 P1 requires one random values.

Randomness Re-use under the DDH assumption Pairwise DDH assumption 1 Exp

Randomness Re-use under the DDH assumption Pairwise DDH assumption 2 Exp

PKA1 P1 P4 P3 P2 Round 1: KI in the standard model F is a pseudo random function

PKA2 P1 P4 P3 P2 Round 1: FS in the standard model

Security PKA1 and PKA2 –reduced to the DDH problem in the standard model

Discussion Key exchange for key graph is an extension of two-party key exchange. Key exchange for key graph can be used as a subprotocol of another protocol such as group key exchange protocols.

Thank You !

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.