Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on.

Published byTrevon Wyle Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on."— Presentation transcript:

1 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on LKH were originally provided by Dr. Wensheng Zhang at Iowa State.

2 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security2 Outline Overview of group key distribution A naïve solution Iolus: A Framework for Scalable Secure Multicasting Logical key hierarchy (LKH)

3 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security3 Group Key Distribution Group session keys are determined by the group manager –Usually used for large groups. Group key manager Group members

4 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security4 A Naïve Solution Use a separate secure unicast connection from the group manager to EACH group member. Requirement –Each client shares a unique key with the controller. Poor scalability: –n-1 secure unicast connections –n secret keys

5 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security5 Problems Specific to Group Communication “1 affects n” problem –The actions of one member affects the entire group Group key manager Old members New member joins

6 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security6 Problems Specific to Group Communication (Cont’d) “1 does not equal n” problem –Cannot deal with the group as a whole –Must consider the conflicting demands of members on an individual basis Group key manager Group members Member leaves Example: Cannot use the old group key to distribute the new group key.

7 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security7 Iolus Divide a large group into smaller groups Introduce entities that manage and connect the subgroups –Group security controllers (GSC) Control the entire group –Group security intermediaries (GSI) Control the subgroups on behalf of GSC –GSC and GSI are both referred to as group security agent (GSA) –With GSC as the root, GSAs form a hierarchy of subgroups A lower-level GSA is a member of the group headed by the higher- level GSA

8 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security8 Iolus (Cont’d)

9 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security9 Iolus (Cont’d) Joins –GSA generates K GSA-MBR –Store this key along with other information –Send K GSA-MBR to the new member in a secure channel –Generate a new group key K’ G –Send {K’ G }K G to the group –Send K’ G to the new member in a secure channel

10 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security10 Iolus (Cont’d) Leaves –Generate a new group key K’ G –Send K’ G to each member MBR individually in the secure channel encrypted with K GSA-MBR

11 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security11 Iolus (Cont’d) Data transmission –Data retransmitted within each subgroup

12 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security12 Iolus (Cont’d) Iolus for group key management –Replace the data with the group key in data transmission

13 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security13 Logical entities Group key members Group Controller N: number of members D: tree degree depth  1 ()lnN () d Key Tree Approaches Two types of keys –SEKs (Session Encryption Key) –KEKs (Key Encryption Key) A Group Controller constructs a tree based hierarchy of KEKs

14 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security14 Logical Key Hierarchy (LKH) Keys are organized in a (logical) hierarchical tree –Group key is located at the root –Key encryption keys are the non-root, non-leave nodes –Members are located at the leaves Updates the group key and the key encryption key by means of the encryption of key-nodes Rekey with only O(logN) messages

15 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security15 K 32 K 31 K 33 K 34 K 35 K 36 K 37 K 38 K 22 K 21 K 23 K 24 K 11 K 12 K0K0K0K0GKCs M1M1M1M1 M2M2M2M2 M4M4M4M4 M6M6M6M6 M5M5M5M5 M3M3M3M3 M7M7M7M7 M8M8M8M8 N secure channels LKH (Cont’d) Initialization

16 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security16 GKCs K 32 K 31 K 34 K 35 K 36 K 37 K 38 K 22 K 21 K 23 K 24 K 11 K 12 K0K0K0K0 M1M1M1M1 M2M2M2M2 M4M4M4M4 M6M6M6M6 M5M5M5M5 M3M3M3M3 M7M7M7M7 M8M8M8M8 ()lnN () d Rekeying Messages K’ 11 K’ 22 K’ 0 K 34 { K 11 ’} K 34 { K 0 ’} K 34 { K 22 ’} K 21 { K 11 ’} K 21 { K 0 ’} K 12 { K 0 ’} LKH (Cont’d) Member leave

17 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security17 GKCs K 32 K 31 K 33 K 34 K 35 K 36 K 37 K 38 K 22 K 21 K 23 K 24 K 11 K 12 K0K0K0K0 M1M1M1M1 M2M2M2M2 M4M4M4M4 M6M6M6M6 M5M5M5M5 M3M3M3M3 M7M7M7M7 M8M8M8M8 ()lnN () d Rekeying messages K’ 21 K’ 11 K’ 0 K 21 { K 21 ’} K 11 { K 11 ’} K 0 { K 0 ’} K 31 { K 21 ’} K 31 { K 11 ’} K 31 { K 0 ’} LKH (Cont’d) Member join

Download ppt "Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on."

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.1 Firewalls.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.
Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.

Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.
Push Technology Humie Leung Annabelle Huo. Introduction Push technology is a set of technologies used to send information to a client without the client.

Push Technology Humie Leung Annabelle Huo. Introduction Push technology is a set of technologies used to send information to a client without the client.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 4.2 BiBa.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 4.2 BiBa.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.2 Tree-Based Group Diffie Hellman Protocol Acknowledgment:

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.2 Tree-Based Group Diffie Hellman Protocol Acknowledgment:
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.

A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.
1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang

1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 3.3: Fair Exchange.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 3.3: Fair Exchange.
© 2007 Cisco Systems, Inc. All rights reserved. Valašské Meziříčí 25.4.2015 1 Connecting to the Network.

© 2007 Cisco Systems, Inc. All rights reserved. Valašské Meziříčí Connecting to the Network.
Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison.

Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison.
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style A Survey on Decentralized Group Key Management Schemes.

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style A Survey on Decentralized Group Key Management Schemes.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Preparation for In-class Presentations.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Preparation for In-class Presentations.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7. Wireless Sensor Network Security.

Similar presentations

Ads by Google