Presentation is loading. Please wait.

Presentation is loading. Please wait.

Su Youn Lee, Su Mi Lee and Dong Hoon Lee 2007.1.24 Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS.

Published byDonovan Keene Modified over 9 years ago

Similar presentations

Presentation on theme: "Su Youn Lee, Su Mi Lee and Dong Hoon Lee 2007.1.24 Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS."— Presentation transcript:

1 Su Youn Lee, Su Mi Lee and Dong Hoon Lee 2007.1.24 Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS Korea University Efficient Group Key Agreement for Dynamic TETRA Networks

2  TETRA Networks  Efficient Group Key Agreement for Dynamic TETRA Networks (AGKA); - Background and Motivation - Set up, Join and Leave Algorithms Agenda

3 TETRA Networks

4 4 What is TETRA? Mobile Radio DECT GSM TETRA Mobile Data Mobile Telephony UMTS  TErrestrial Trunked RAdio (TETRA) is a new digital transmission standard developed by ETSI and it is becoming the system for public safety organisation

5 5  Architecture What is TETRA? PABX, PSTN, ISDN Intranet / Internet Other TETRA network Network Management Line Dispatcher IP gateway, Firewall SwMI

6 6 TETRA Security Mechanisms End-to-End Encryption Securing the communication across a network, independent of the switching infrastructure Air Interface Encryption Securing the link between a handset and the network Key Management Center Controlled emission of keys, enabling decentralized authorisation and enforcing the high security level.

7 7 TETRA Security Mechanisms  Authentication Authentication provides proof identity of all MS in TETRA network AuC securely send session authentication key to Switch1 and should storage secret key. - Secret key need never be exposed All MS and AuC operate mutual authentication using secret key K MS Authentication Switch 1 Switch 2 Session authentication keys Challenge and response from Switch Authentication Centre (AuC) SwMI k

8 8 Authentication process K Random Seed (RS) Mobile Station RS KS Rand DCK, XRES K RS Rand TA11 KS ( Session authentication key ) RES ≠ XRES RES DCK RES SwMI TA12 TA11

9 9 Air Interface Keys Derived Cipher Key (DCK) derived from authentication procedure. Common Cipher Key(CCK) generated by the SwMI and distributed to all MS. Group Cipher Key(GCK) linked to a specific closed MS group. Static Cipher Key(SCK) is a predetermined key

10 10 Key Management Mechanism MS1K1K1 DCK 1 MS2K2K2 DCK 2 MS3K3K3 DCK 3 MS4K4K4 DCK 4 K1K1 K2K2 K3K3 K4K4 MGCK=fn(GCK, CCK) CCK CCK’ MGCK’=fn(GCK, CCK’) SwMI Group call1 DCK 1 DCK 2 DCK 3 DCK 4 GCK=fn(K 1 ) GCK=fn(K 2 ) GCK=fn(K 3 )GCK=fn(K 4 ) CCK=fn(DCK 1 ) CCK=fn(DCK 2 ) CCK’=fn(DCK 3 )CCK’=fn(DCK 4 ) Group call2 GCK

11 11 Over the Air Re-Keying (OTAR) CCK SwMI MS GCK CCK MGCK DCK AI CCKGCK KSO (GSKO) DCK KSO (GSKO)

12 Efficient Group Key Agreement for Dynamic TETRA Networks (AGKA); - Background and Motivation

13 13 Background and Motivation  Group Key Agreement − MS communicating over a public, easily- monitored network − MS needs to establish a common secret key (session key) to secure communication − Group Key Agreement Protocol sk

14 14 adversary Background and Motivation  Authenticated Group Key Agreement (AGKA) −AGKA guarantees security against an active adversary who can modify, insert or remove messages −For providing authentication, we can construct AGKA based on PW or signature

15 15 Background and Motivation  In AGKA, there are two concerns with regard to efficiency : Communication and Computation efficiency −Communication Efficiency the number and length of messages few rounds −Computation Efficiency needs to complete the protocol depends on the cryptographic algorithms

16 16 Background and Motivation  AGKA for Dynamic TETRA networks −Provides Setup, Leave and Join Algorithms −In a Leave event, removing MS do not know new sk’ −Forward Secrecy

17 17 Background and Motivation  AGKA for Dynamic TETRA networks −In Join event, joining MS do not know previous sk −Backward Secrecy

18 An Efficient Group Key Agreement for Dynamic TETRA Networks (AGKA); - Set up, Join and Leave Algorithms

19 19 An Efficient AGKA  Setup MS1 KEK 1 MS2 KEK 2 MS3 KEK 3 MS4 KEK 4 KEK 1 KEK 2 KEK 3 KEK 4 SwMI

20 20 An Efficient AGKA  Setup : Group Key Computation Process KEK 1 KEK 2 KEK 3 KEK 4

21 21 An Efficient AGKA  Setup; −Security MS verifies signature of SwMI Assume that a signature scheme is secure All signature cannot be used twice Only MS who knows KEK can compute a group key An adversary can not get any information about a group key from Z i-1,i XOR Encryption Scheme

22 22 An Efficient AGKA  Join Algo. MS1KEK1 MS2KEK2 MS3KEK3 MS4KEK4 MS5KEK5 KEK 1 KEK 2 KEK 3 KEK 4 SwMI KEK 5 Joining MS 5

23 23 An Efficient AGKA  Join ; −Security Backward Secrecy Joining MS should not know a previous group key Our scheme provides Backward Secrecy All MS re-calculate T value using different session ID (I j ) per session Although MS 5 knows all T values in current session, MS 5 does not compute a previous group key.

24 24 An Efficient AGKA  Leave Algo. MS1 KEK 1 MS2 KEK 2 MS4 KEK 4 KEK 1 KEK 2 KEK 4 SwMI KEK 3 Leaving MS 3

25 25 An Efficient AGKA  Leave ; −Security Forward Secrecy Leaving MS should not know a current group key Our scheme provides Forward Secrecy Leaving MS 3 knows all T values of previous session All MS re-calculate T value using new session ID (I l ) per session

26 26 An Efficient AGKA  Useful properties −Allows SwMI and MS to agree a group with low complexity −Needs only XOR operation dependent on a number of group MS −Construct a special AGKA scheme including join and leave algorithms

27 27 AGKA  AGKA protocol −Security Theorem # of send, execute queries :

28 28 Thank you !  Questions? Comments?  sylee@bcc.ac.kr.

Download ppt "Su Youn Lee, Su Mi Lee and Dong Hoon Lee 2007.1.24 Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS."

Similar presentations

TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu.

TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu.
Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.

Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.
Brian Murgatroyd UK Home Office

Brian Murgatroyd UK Home Office
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
Pairwise Key Agreement in Broadcasting Networks - 2005.11.11 - Ik Rae Jeong.

Pairwise Key Agreement in Broadcasting Networks Ik Rae Jeong.
A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.

A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.
An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,

An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,
GSM Security and Encryption

GSM Security and Encryption
Topics In Information Security Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication Presented by Idan Sheetrit

Topics In Information Security Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication Presented by Idan Sheetrit
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison.

Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.
TETRA Inter System Interface (ISI)

TETRA Inter System Interface (ISI)
UNIVERSAL MOBILE TELECOMMUNICATION SYSTEM(UMTS). EVOLUATION OF MOBILE COMMUNICATION 1 st Generation : Analog Cellular 2 nd Generation : Multiple Digital.

UNIVERSAL MOBILE TELECOMMUNICATION SYSTEM(UMTS). EVOLUATION OF MOBILE COMMUNICATION 1 st Generation : Analog Cellular 2 nd Generation : Multiple Digital.
Telefónica Móviles España GPRS (General Packet Radio Service)

Telefónica Móviles España GPRS (General Packet Radio Service)
Security Encryption and Management

Security Encryption and Management
One-Pass GPRS and IMS Authentication Procedure for UMTS

One-Pass GPRS and IMS Authentication Procedure for UMTS
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
TWC 2005 Frankfurt 1 INTRODUCTION TO TETRA SECURITY Brian Murgatroyd UK Police IT Organization.

TWC 2005 Frankfurt 1 INTRODUCTION TO TETRA SECURITY Brian Murgatroyd UK Police IT Organization.
Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.

Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.

Similar presentations

Ads by Google