1. IEEE 802.21 MEDIA INDEPENDENT HANDOVER DCN: 21-12-0095-00-MuGM
Title: Group management by MKB
Date Submitted: June, 17, 2012
Presented at IEEE session #51 in San Diego
Authors or Source(s):
 Yoshikazu Hanatani, Toru Kambayashi (Toshiba)
Abstract: In multicast communication, we can realize a group management by Media Key Block (MKB). This presentation shows the overview and a toy example.
21-07-xxxx

2. IEEE 802.21 presentation release statements
This document has been prepared to assist the IEEE Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE
The contributor is familiar with IEEE patent policy, as stated in Section 6 of the IEEE-SA Standards Board bylaws < and in Understanding Patent Issues During IEEE Standards Development
IEEE presentation release statements
This document has been prepared to assist the IEEE Working Group. It is offered as a basis for discussion and is not binding on the contributing individual(s) or organization(s). The material in this document is subject to change in form and content after further study. The contributor(s) reserve(s) the right to add, amend or withdraw material contained herein.
The contributor grants a free, irrevocable license to the IEEE to incorporate material contained in this contribution, and any modifications thereof, in the creation of an IEEE Standards publication; to copyright in the IEEE’s name any IEEE Standards publication even though it may include portions of this contribution; and at the IEEE’s sole discretion to permit others to reproduce in whole or in part the resulting IEEE Standards publication. The contributor also acknowledges and accepts that this contribution may be made public by IEEE
The contributor is familiar with IEEE patent policy, as outlined in Section 6.3 of the IEEE-SA Standards Board Operations Manual < and in Understanding Patent Issues During IEEE Standards Development
21-07-xxxx

3. Aggenda Overview of a solution by MKB Toy example
Setup of device keys and structure of MKB for our solution
Reference
21-07-xxxx

4. Group Management by MKB: Overview
1. Choose target nodes.
2. Generate and distribute MKB.
KDC
Key Distribution Center gk
3. Target nodes can obtain gk.
4. Non-target nodes cannot obtain gk.
MKB ✔ ✔ ✔ N1 N2 N3
Nm-1 Nm
MKB
MKB
MKB
MKB
MKB gk
error gk gk
error
21-07-xxxx

5. Group Management by MKB: Assumptions
All device keys dk1,…,dkm
KDC
MKB
Device key
dk1
dk2
dk3
dkm-1
dkm N1 N2 N3
Nm-1 Nm
MKB
MKB
MKB
MKB
MKB gk
error gk gk
error
21-07-xxxx

6. Toy example (1/3) The number of controlled nodes is 4.
1. KDC generates a binary tree which has 4 leafs.
2. KDC generates 7 keys, and assigns each key to each node of the binary tree.
3. KDC decides each device key according to the path from the root to each leaf. k1 k2 k3 k4 k5 k6 k7
dk1 = (k1, k2, k4)
dk3 = (k1, k3, k6)
dk2 = (k1, k2, k5)
dk4 = (k1, k3, k78)
21-07-xxxx

7. Toy example (2/3) k1 ✔ Want to send gk to N1,N2, N3, and N4 k2 k3 KDC
N N N3 N4
MKB=Enc(k1, gk) ✔ ✔ ✔ ✔ N1 N2 N3 N4
dk1 = (k1, k2, k4)
dk2 = (k1, k2, k5)
dk3 = (k1, k3, k6)
dk4 = (k1, k3, k7)
21-07-xxxx

8. Toy example (3/3) k1 Want to send gk to N1,N2, and N4 k2 k3 ✔ KDC k4 ✔
N N N3 N4
MKB=Enc(k2, gk) || Enc(k7, gk) ✔ ✔ ✔ N1 N2 N3 N4
dk1 = (k1, k2, k4)
dk2 = (k1, k2, k5)
dk3 = (k1, k3, k6)
dk4 = (k1, k3, k7)
21-07-xxxx

9. Setup of Device keys k1 k2 k3
1. Make all device keys with the binary tree.
KDC
K2n-1
K2n-1+1
K2n-1
2. Deliver the dkm using MIH Enc. Nm
3. Install dkm as own device key.
21-07-xxxx

10. Structure of MKB Header MKB
Represents target node of MKB. Ex. List of node IDs etc N1 || N2 || N4 Header is used for detecting the device key which each node should use.
Ciphertexts of a symmetric key encryption (e.g. AES).
Ex. MKB=Enc(k2, gk) || Enc(k7, gk)
The ciphertexts guarantee that non-target nodes cannot obtain a group key from MKB.
21-07-xxxx

11. References
 Amos Fiat and Moni Naor. Broadcast Encryption. Proceedings of CRYPTO, 1993.
21-07-xxxx