CSC 774 Advanced Network Security: Secure Group Communications Using Key Graphs. Presented by: Siddharth Bhai, 9th Nov 2005.



Slide 2: Imagine…
A 24 x 7 x 365 business
- Internet: the content distribution medium
  - Convenient for everyone
  - Everyone... including the eavesdroppers!
- Pay-per-view revenue model
- Dynamic content
- Several users
  - Teleconference
  - Collaborative work

Slide 3: Roadmap
- The problem
- Existing techniques
- Key graphs
- Rekeying strategies
- Iolus v/s the key-graph approach
- Conclusions and future work

Slide 4: The Problem
- Securing group communications
  - Authenticity
  - Confidentiality
  - Integrity
- Scalability
- Joins/leaves

Slide 5: Existing Techniques
- Group Key Agreement
  - Diffie-Hellman
  - Group-based Diffie-Hellman
  - Tree-based GDH
- Group Key Distribution
  - Naïve solution: 1 group key, 1 unicast key per user
  - Iolus

Slide 6: "Secure group" (U, K, R)
- U is a finite and non-empty set of users
- K is a finite and non-empty set of keys
- R is a binary relation between U and K
  - User 'u' has key 'k' if and only if (u, k) is in R
- Group server
  - Knows U and K
  - Maintains the user-key relation R
  - Generates and securely distributes keys in K to users in the group

Slide 7: Key Graphs
A directed acyclic graph
- U-nodes
  - 1 or more outgoing edges
  - 1 incoming edge
- K-nodes
  - 1 or more incoming edges
  - Root
[Figure: key graph with u-nodes u1, u2, u3, u4 and k-nodes k1, k2, k3, k4, k12, k234, k1234]

Slide 8: Key Graphs (contd.)
- A key graph specifies a secure group
- Group key is the root k-node
- Join/Leave
- Special classes:
  - Star: naïve solution
  - Tree: logical key hierarchy
  - Complete: every non-empty subset of users share a unique key!

Slide 9: Rekeying Strategies
- Depends on class of key graph
- Strategies for join and leave
- Key star: naïve solution
- Key tree
  - User-oriented rekeying
  - Key-oriented rekeying
  - Group-oriented rekeying

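Slide 10: Key Tree
[Figure: two key trees linked by "u6 joins" and "u6 leaves". Five-user tree: users u1 to u5, individual keys k1 to k5, subgroup keys k123 and k45, and a root key. Six-user tree: users u1 to u6, individual keys k1 to k6, subgroup keys k123 and k456, and a root key.]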

Slide 11: Join: user-oriented rekeying
- Concept:
  - For each user, the server constructs a rekey message that contains precisely the new keys needed by the user
- How?
  - For each key node (x) whose key has been changed (k to k'), the server constructs a rekey message by encrypting the new keys of k-node x and all its ancestors by the old key k.
  - For the new user, one rekey message

Slide 12: Join: user-oriented rekeying (contd.)
What will be the rekey messages?
[Figure: the key tree before and after u6 joins; subgroup key k45 becomes k456 and the root key changes]

Slide 13: Join: user-oriented rekeying (contd.)
What will be the rekey messages?
- S {u1, u2, u3}: {k }k
- S {u4, u5}: {k , k456}k45
- S {u6}: {k , k456}k6
No. of rekey messages = height of the tree
Encryption cost for server = [h(h+1)/2] - 1

Slide 14: Join: key-oriented rekeying
- Concept:
  - Each new key is encrypted individually (except keys for joining user)
- How?
  - For each key node (x) whose key has been changed (k to k'), the server constructs 2 rekey messages
  - 1st: Encrypt new key k' with old key k, send this to all users who hold k
  - 2nd: Encrypt k' with individual key of joining user

Slide 15: Join: key-oriented rekeying (contd.)
What will be the rekey messages?
[Figure: the key tree before and after u6 joins; subgroup key k45 becomes k456 and the root key changes]

Slide 16: Join: key-oriented rekeying (contd.)
What will be the rekey messages?
- S {u1, u2, u3, u4, u5}: {k }k
- S {u6}: {k }k6
- S {u4, u5}: {k456}k45
- S {u6}: {k456}k6
No. of rekey messages = height of the tree
Encryption cost for server = 2(h-1)

Slide 17: Join: group-oriented rekeying
- Concept:
  - A single rekey message containing all the keys, multicast to the entire group
  - 1 message for the joining user
- Why?
  - No need for subgroup multicast
  - Fewer rekey messages: the server's per-rekey-message overheads are reduced

Slide 18: Join: group-oriented rekeying (contd.)
What will be the rekey messages?
[Figure: the key tree before and after u6 joins; subgroup key k45 becomes k456 and the root key changes]

Slide 19: Join: group-oriented rekeying (contd.)
What will be the rekey messages?
- S {u1, u2, u3, u4, u5}: {k }k12345, {k456}k45
- S {u6}: {k , k456}k6
No. of rekey messages = 2
Encryption cost for server = 2(h-1)
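The three join strategies from slides 11 to 19, worked through symbolically for the "u6 joins" tree. This is an added example, not part of the original slides. It assumes the old root key is named k12345 (as on slide 19), writes each new key as the old name plus a prime (the k to k' notation of slide 11, so k45' stands for k456), and uses hypothetical function names.

```python
# Added example: symbolic rekey messages for a join. A message is
# (recipients, [(new_key, encrypting_key), ...]); k' is the new version of k.
PARENT = {"k1": "k123", "k2": "k123", "k3": "k123", "k4": "k45",
          "k5": "k45", "k123": "k12345", "k45": "k12345"}
USERS = {"u1": "k1", "u2": "k2", "u3": "k3", "u4": "k4", "u5": "k5"}

def keys_of(key):
    """Keys from `key` up to the root, root last."""
    path = [key]
    while path[-1] in PARENT:
        path.append(PARENT[path[-1]])
    return path

def changed_path(join_under):
    """Root-first list of (old_key, current holders) for each key that changes."""
    return [(k, sorted(u for u, ik in USERS.items() if k in keys_of(ik)))
            for k in reversed(keys_of(join_under))]

def user_oriented(path, joiner, jkey):
    msgs = []
    for i, (old, who) in enumerate(path):
        below = set(path[i + 1][1]) if i + 1 < len(path) else set()
        rcpt = [u for u in who if u not in below]  # deepest changed key is `old`
        if rcpt:  # this node's new key and all ancestors' new keys, under `old`
            msgs.append((rcpt, [(k + "'", old) for k, _ in path[:i + 1]]))
    msgs.append(([joiner], [(k + "'", jkey) for k, _ in path]))
    return msgs

def key_oriented(path, joiner, jkey):
    msgs = []
    for old, who in path:
        msgs.append((who, [(old + "'", old)]))        # new key under old key
        msgs.append(([joiner], [(old + "'", jkey)]))  # new key under joiner's key
    return msgs

def group_oriented(path, joiner, jkey):
    return [(path[0][1], [(k + "'", k) for k, _ in path]),  # one group multicast
            ([joiner], [(k + "'", jkey) for k, _ in path])]

def cost(msgs):
    """Server encryption cost: number of keys encrypted across all messages."""
    return sum(len(items) for _, items in msgs)

if __name__ == "__main__":
    path = changed_path("k45")  # u6 joins under k45
    for strategy in (user_oriented, key_oriented, group_oriented):
        msgs = strategy(path, "u6", "k6")
        print(strategy.__name__, "cost", cost(msgs))
        for rcpt, items in msgs:
            print("  S ->", rcpt, ["{%s}%s" % it for it in items])
```

With h = 3 for this tree, the costs come out to 5, 4 and 4, matching h(h+1)/2 - 1 and 2(h-1) from the slides.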

Slide 20: Iolus v/s key-graph
Key-Graph
- Hierarchy of multiple keys
- Each user: multiple keys
- More work is done when a join/leave takes place
- Single trusted entity: the key server
Iolus
- Hierarchy of multiple GSAs
- Each user: one key (for its subgroup)
- More work is done when a message is to be sent to the entire group
- Multiple trusted entities: GSC, several GSAs...

Slide 21: Conclusion and Possible Future Work
- Performance on the server-side:
  - Best: group-oriented rekeying
  - Worst: user-oriented rekeying
- Performance on the client-side:
  - Best: user-oriented rekeying
  - Worst: group-oriented rekeying
- Why do we need key graphs at all?
  - Isn't a key-tree good enough?
- Future work