Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on.

Slides:



Advertisements
Similar presentations
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.
Advertisements

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.
Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.
Push Technology Humie Leung Annabelle Huo. Introduction Push technology is a set of technologies used to send information to a client without the client.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 4.2 BiBa.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.2 Tree-Based Group Diffie Hellman Protocol Acknowledgment:
A Survey of Key Management for Secure Group Communications Celia Li.
CSC 774 Advanced Network Security
A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.
1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
CSC 774 Advanced Network Security
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 3.3: Fair Exchange.
© 2007 Cisco Systems, Inc. All rights reserved. Valašské Meziříčí Connecting to the Network.
Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style A Survey on Decentralized Group Key Management Schemes.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Preparation for In-class Presentations.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.
Computer Science 1 Efficient Self-healing Group Key Distribution With Revocation Capability Archana Rajagopal CSC 774 Presentation Based on Original Slides.
Optimal Communication Complexity of Generic Multicast Key Distribution Saurabh Panjwani UC San Diego (Joint Work with Daniele Micciancio)
Computer Science 6390 – Advanced Computer Networks Dr. Jorge A. Cobb How to provide Inter-domain multicast routing? PIM-SM MSDP MBGP.
Scribe: A Large-Scale and Decentralized Application-Level Multicast Infrastructure Miguel Castro, Peter Druschel, Anne-Marie Kermarrec, and Antony L. T.
Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
Secure Group Communications Using Key Graphs Chung Kei Wong, Member, IEEE, Mohamed Gouda Simon S. Lam, Fellow, IEEE Evgenia Gorelik Yuksel Ucar.
Copyright © B. C. Neuman, - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Fall Security Systems Lecture notes Dr.
Scalable Secure Bidirectional Group Communication Yitao Duan and John Canny Berkeley Institute of Design Computer Science.
Multicast Security May 10, 2004 Sam Irvine Andy Nguyen.
Group Key Distribution Chih-Hao Huang
Multicast Security Issues and Solutions. Outline Explain multicast and its applications Show why security is needed Discuss current security implementations.
Multicast Communication Multicast is the delivery of a message to a group of receivers simultaneously in a single transmission from the source – The source.
Computer Science CSC 774 Adv. Net. SecurityDr. Peng Ning1 CSC 774 Advanced Network Security Topic 4. Broadcast Authentication.
Slide 1 Comparison of Inter-Area Rekeying Algorithms for Secure Mobile Group Communication C. Zhang*, B. DeCleene +, J. Kurose*, D. Towsley* * Dept. Computer.
Multimedia Broadcast/Multicast Service (MBMS)
Chapter 22 Network Layer: Delivery, Forwarding, and Routing
Computer Science 1 CSC 774 Advanced Network Security Secure Group Communications Using Key Graphs Presented by: Siddharth Bhai 9 th Nov 2005.
Key Distribution and Update for Secure Inter- group Multicast Communication Ki-Woong Park Computer Engineering Research Laboratory Korea Advanced Institute.
Hierarchical agent-based secure and reliable multicast in wireless mesh networks Yinan LI, Ing-Ray Chen Robert Weikel, Virginia Sistrunk, Hung-Yuan Chung.
Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups David Insel John Stephens Shawn Smith Shaun Jamieson.
Overlay Network Physical LayerR : router Overlay Layer N R R R R R N.
Secure Group Communication: Key Management by Robert Chirwa.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Collusion-Resistant Group Key Management Using Attribute-
Group Rekeying for Filtering False Data in Sensor Networks: A Predistribution and Local Collaboration-Based Approach Wensheng Zhang and Guohong Cao.
Improving MBMS Security in 3G Wenyuan Xu Rutgers University.
Analysis of e Multicast/Broadcast group privacy keying protocol Ju-Yi Kuo CS259 Final Project 3 / 16 / 2006.
A secure re-keying scheme Introduction Background Re-keying scheme User revocation User join Conclusion.
Computer Science CSC 774 Adv. Net. Security1 Presenter: Tong Zhou 11/21/2015 Practical Broadcast Authentication in Sensor Networks.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE 419/478 Applied Cryptography ADVANCED KEY ESTABLISHMENT AND GROUP KEY MANAGEMENT.
Scalable and Reliable Key Distribution 1/ Ryuzou NISHI † † Institute of Systems & Information Technologies (ISIT)
1. Outline  Introduction  Different Mechanisms Broadcasting Multicasting Forward Pointers Home-based approach Distributed Hash Tables Hierarchical approaches.
Efficient Distribution of Key Chain Commitments for Broadcast Authentication in Distributed Sensor Networks Donggang Liu and Peng Ning Department of Computer.
Group Key Distribution Xiuzhen Cheng The George Washington University.
Efficient Group Key Management in Wireless LANs Celia Li and Uyen Trang Nguyen Computer Science and Engineering York University.
A Mechanism for Communication- Efficient Broadcast Encryption over Wireless Ad Hoc Networks Johns Hopkins University Department of Computer Science Reza.
Project Orda Secure Key Distribution Over Ad Hoc Networks Security in Ad Hoc Networks – Team A Lane Westlund, Roderic Campbell, Mark Allen, Dima Novikov,
Design and Implementation of Secure Layer over UPnP Networks Speaker: Chai-Wei Hsu Advisor: Dr. Chin-Laung Lei.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on.
Source: Computers & Security, Vol. 24, No. 5, pp , August 2005
Source: Computers & Security, vol.23, pp , 2004 Author: Heba K. Aslan
NSF Faculty Career Award
Announcements All Labs and Their Demo All HWs and Their Grading
Advanced Operating System
CSC 774 Advanced Network Security
Group Key Management Scheme for Simultaneous Multiple Groups with Overlapped Membership Andrew Moore 9/27/2011.
Design and Implementation of SUPnP Networks
Design and Implementation of a Secure UPnP Environment
Scalable Group Key Management with Partially Trusted Controllers
Combinatorial Optimization of Multicast Key Management
Presentation transcript:

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on LKH were originally provided by Dr. Wensheng Zhang at Iowa State.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security2 Outline Overview of group key distribution A naïve solution Iolus: A Framework for Scalable Secure Multicasting Logical key hierarchy (LKH)

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security3 Group Key Distribution Group session keys are determined by the group manager –Usually used for large groups. Group key manager Group members

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security4 A Naïve Solution Use a separate secure unicast connection from the group manager to EACH group member. Requirement –Each client shares a unique key with the controller. Poor scalability: –n-1 secure unicast connections –n secret keys

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security5 Problems Specific to Group Communication “1 affects n” problem –The actions of one member affects the entire group Group key manager Old members New member joins

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security6 Problems Specific to Group Communication (Cont’d) “1 does not equal n” problem –Cannot deal with the group as a whole –Must consider the conflicting demands of members on an individual basis Group key manager Group members Member leaves Example: Cannot use the old group key to distribute the new group key.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security7 Iolus Divide a large group into smaller groups Introduce entities that manage and connect the subgroups –Group security controllers (GSC) Control the entire group –Group security intermediaries (GSI) Control the subgroups on behalf of GSC –GSC and GSI are both referred to as group security agent (GSA) –With GSC as the root, GSAs form a hierarchy of subgroups A lower-level GSA is a member of the group headed by the higher- level GSA

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security8 Iolus (Cont’d)

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security9 Iolus (Cont’d) Joins –GSA generates K GSA-MBR –Store this key along with other information –Send K GSA-MBR to the new member in a secure channel –Generate a new group key K’ G –Send {K’ G }K G to the group –Send K’ G to the new member in a secure channel

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security10 Iolus (Cont’d) Leaves –Generate a new group key K’ G –Send K’ G to each member MBR individually in the secure channel encrypted with K GSA-MBR

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security11 Iolus (Cont’d) Data transmission –Data retransmitted within each subgroup

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security12 Iolus (Cont’d) Iolus for group key management –Replace the data with the group key in data transmission

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security13 Logical entities Group key members Group Controller N: number of members D: tree degree depth  1 ()lnN () d Key Tree Approaches Two types of keys –SEKs (Session Encryption Key) –KEKs (Key Encryption Key) A Group Controller constructs a tree based hierarchy of KEKs

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security14 Logical Key Hierarchy (LKH) Keys are organized in a (logical) hierarchical tree –Group key is located at the root –Key encryption keys are the non-root, non-leave nodes –Members are located at the leaves Updates the group key and the key encryption key by means of the encryption of key-nodes Rekey with only O(logN) messages

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security15 K 32 K 31 K 33 K 34 K 35 K 36 K 37 K 38 K 22 K 21 K 23 K 24 K 11 K 12 K0K0K0K0GKCs M1M1M1M1 M2M2M2M2 M4M4M4M4 M6M6M6M6 M5M5M5M5 M3M3M3M3 M7M7M7M7 M8M8M8M8 N secure channels LKH (Cont’d) Initialization

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security16 GKCs K 32 K 31 K 34 K 35 K 36 K 37 K 38 K 22 K 21 K 23 K 24 K 11 K 12 K0K0K0K0 M1M1M1M1 M2M2M2M2 M4M4M4M4 M6M6M6M6 M5M5M5M5 M3M3M3M3 M7M7M7M7 M8M8M8M8 ()lnN () d Rekeying Messages K’ 11 K’ 22 K’ 0 K 34 { K 11 ’} K 34 { K 0 ’} K 34 { K 22 ’} K 21 { K 11 ’} K 21 { K 0 ’} K 12 { K 0 ’} LKH (Cont’d) Member leave

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security17 GKCs K 32 K 31 K 33 K 34 K 35 K 36 K 37 K 38 K 22 K 21 K 23 K 24 K 11 K 12 K0K0K0K0 M1M1M1M1 M2M2M2M2 M4M4M4M4 M6M6M6M6 M5M5M5M5 M3M3M3M3 M7M7M7M7 M8M8M8M8 ()lnN () d Rekeying messages K’ 21 K’ 11 K’ 0 K 21 { K 21 ’} K 11 { K 11 ’} K 0 { K 0 ’} K 31 { K 21 ’} K 31 { K 11 ’} K 31 { K 0 ’} LKH (Cont’d) Member join

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.