Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison.


1 Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison

2 Overview
- Background Information
- IP Multicast
- Assumptions
- Requirements
- Rekeying Methods
- Centralized Group Key Management Protocols
- Decentralized Architectures
- Distributed
- Ethics
- Sources

3 IP Multicast
- Between Unicast and Broadcast
- Network Switches and Routers are responsible for replication and distribution

4 IP Multicast Applications

5

6 Encryption Review
- Obviously some of these applications require limited access.
- No public key, but a “group key”

7 Assumptions
- When a user joins, we have a way to get them their first key
- When a user leaves there is a possibility of them continuing to acquire messages
- Every user eventually gets the intended messages

8 Membership Changes
- Groups need to be dynamic, allowing (authorized) members to join the group and allowing administrators to expel members from the group
- Backwards Secrecy
- Forward Secrecy

9 Rekeying
- We need a way to get new keys to the users
- Since multicast is being used for group transmission, it is assumed that multicast should be used for rekeying the group
- Three Approaches
  - Centralized
  - Decentralized
  - Distributed

10 Rekeying Requirements
- Storage Requirements
- Size of Rekey Messages
- Backwards Secrecy
- Forwards Secrecy
- Collusion

11 Overview
- Background Information
- IP Multicast
- Assumptions
- Requirements
- Rekeying Methods
- Centralized Group Key Management Protocols
- Decentralized Architectures
- Distributed
- Ethics
- Sources

12 Centralized Approaches
- We have a Key Distribution Center (KDC)
- KDC is in charge of managing all of the group’s keys

13 Simple
- Assign a secret key to each member
- Use a group key to send group messages
- Each member can recover the group key from the appropriate segment of the rekey message using its secret key

14 Simple Example
- Rekey Message: DSFDBSAF SDFREGEF DSFAGFAS FD@#DSG FDGFDPG GFDSFDH JHFTY546 GFD5FGS& GF5REYHH ...
- User F: segment GFDSFDH, decrypted with Secret Key, gives Group Key

15 Simple Example
- User F: Secret Key, Group Key
- DFDS#@FDSA, decrypted with Group Key, gives Secret Message

16 Simple Problems
1. The KDC has to encrypt the new key n times
2. The message could potentially be huge
   If n = 1 million and K is 56 bits, the message would be 10 MB long
3. You have to develop a protocol so that each user knows which part of the message is appropriate for them to decrypt with their secret key

17 Group Key Management Protocol (GKMP)
- Have 2 group keys and no secret key
  - One Group Transmission Encryption Key (GTEK)
  - One Group Key Encryption Key (GKEK)
- GKEK is used to encrypt the GTEK when it changes
- Since the GKEK never changes, the system lacks forward secrecy: you cannot kick a member out, since they will always know the GKEK

18 Logical Key Hierarchy (LKH)
- Use a balanced Binary Tree to store keys hierarchically

19 LKH Example
- Rekey Message: DSFDBSAF … SDFREGEF … DSFAGFAS … FD@#DSG … FDGFDPG … GFDSFDH … JHFTY546
- Corresponds to: k K14 K58 K12 K34 K56 K78
- User u3 holds k3
  - We want k34: use k3 on 5th line, we get k34
  - We want k14: use k34 on 2nd line, we get k14
  - We want k: use k14 on first line, we get k
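
Added example (not from the slides or the surveyed paper): a small Python model of an LKH key tree in which the KDC builds the rekey message for a leaving member and u3 recovers k34, k14 and k in the order slide 19 walks through. It goes beyond the slide by generating the message; the heap-style node numbering, the choice of u4 as the leaving member and the HMAC-based toy key wrap are assumptions made for illustration.

```python
import hashlib, hmac, os

def wrap(kek: bytes, key: bytes, label: str) -> bytes:
    """Toy key wrap (assumption; stands in for e.g. AES Key Wrap): XOR with an HMAC pad."""
    pad = hmac.new(kek, label.encode(), hashlib.sha256).digest()[:len(key)]
    return bytes(a ^ b for a, b in zip(key, pad))

unwrap = wrap  # XOR with the same pad undoes the wrap

class KDC:
    """Balanced binary key tree, heap-numbered: node 1 = k, 2 = k14, 5 = k34, leaves n..2n-1."""
    def __init__(self, n: int):
        self.n = n
        self.keys = {node: os.urandom(16) for node in range(1, 2 * n)}

    def path(self, member: int):
        """Node ids from the member's leaf (u1 -> node n) up to the root."""
        node = self.n + member - 1
        while node >= 1:
            yield node
            node //= 2

    def member_keys(self, member: int) -> dict:
        return {node: self.keys[node] for node in self.path(member)}

    def leave(self, member: int) -> list:
        """Replace every key the leaving member held; return the rekey message."""
        leaf, *ancestors = self.path(member)
        del self.keys[leaf]
        msg = []
        for node in ancestors:  # bottom-up, so a child key is fresh before it wraps its parent
            self.keys[node] = os.urandom(16)
            for child in (2 * node, 2 * node + 1):
                if child in self.keys:  # the evicted leaf gets no segment
                    blob = wrap(self.keys[child], self.keys[node], f"{node}<-{child}")
                    msg.append((node, child, blob))  # (new key id, wrapping key id, ciphertext)
        return msg

def process_rekey(held: dict, msg: list) -> dict:
    """Member side: unwrap, in order, each segment whose wrapping key id we hold."""
    held = dict(held)
    for node, child, blob in msg:
        if child in held:
            held[node] = unwrap(held[child], blob, f"{node}<-{child}")
    return held

if __name__ == "__main__":
    kdc = KDC(8)                      # constructed 8-member group, as in the slide's tree
    u3 = kdc.member_keys(3)           # holds k3, k34, k14, k
    msg = kdc.leave(4)                # u4 is expelled
    print(len(msg), "segments;", "u3 has new k:", process_rekey(u3, msg)[1] == kdc.keys[1])
```

For 8 members the rekey message carries 5 segments, and for 1024 members 19, while the simple scheme encrypts the new key once per member. Tagging each segment with the id of its wrapping key is one way to tell a member which part of the message to decrypt.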

20 Logical Key Hierarchy (LKH)

21

22

23 Other Centralized Approaches
- One-Way Function Trees (OFT)
- One-Way Function Chain Trees (OFCT)
- Clustering
- Centralized Flat Table (FT)
- Efficient Large-Group Key (ELK)

24 Centralized Approach Summary

25 Decentralized Approaches
- Split the group into subgroups

26 Decentralized Approaches

27 Distributed Models
- Two methods
  - Every member contributes
  - Pick a member at random

28 Distributed Example LKH

29 Distributed Summary

30 Ethics

31 Sources
- "IP Multicast Technical Overview." Cisco Systems, Inc. Web. http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6552/prod_white_paper0900aecd804d5fe6.pdf
- Rafaeli, Sandro, and David Hutchison. "A Survey of Key Management for Secure Group Communication." ACM Digital Library. Lancaster University, Sept. 2003. Web. http://portal.acm.org/citation.cfm?id=937506
- Wikipedia

