Presentation is loading. Please wait.

Presentation is loading. Please wait.

KAIS T Distributed Collaborative Key Agreement and Authentication Protocols for Dynamic Peer Groups IEEE/ACM Trans. on Netw., Vol. 14, No. 2, April 2006.

Published byJoella Tyler Modified over 9 years ago

Similar presentations

Presentation on theme: "KAIS T Distributed Collaborative Key Agreement and Authentication Protocols for Dynamic Peer Groups IEEE/ACM Trans. on Netw., Vol. 14, No. 2, April 2006."— Presentation transcript:

1 KAIS T Distributed Collaborative Key Agreement and Authentication Protocols for Dynamic Peer Groups IEEE/ACM Trans. on Netw., Vol. 14, No. 2, April 2006 Patrick P. C. Lee, at el. Hyeongseop Shim NS Lab, Div. of CS November 6, 2007

2 2 / 21 Contents Introduction Tree-Based Group Diffie-Hellman (TGDH) Protocol Interval-Based Distributed Rekeying Algorithms Rebuild Algorithm Batch Algorithm Queue-Batch Algorithm Performance Evaluation Authenticated TGDH Conclusion

3 3 / 21 Introduction Emergence of group-oriented distributed applications Necessity to provide group communication privacy Distributed group key group key agreement Comparison with centralized group key management No centralized key server Increase in system reliability

4 4 / 21 TGDH Protocol (1/2) Key tree in tree-based group Diffie-Hellman protocol Blinded key BK v BK v = α Kv mod p Secret key K v K v = (BK 2v+1 ) K 2v+2 mod p = (BK 2v+2 ) K 2v+1 mod p = α K 2v+1 K 2v+2 mod p Secret key at a leaf node is selected randomly Every member M i can compute the keys along its key path to the root Sponsor Responsible for updating keys held by the new or departed member Rightmost member under the subtree rooted at the sibling of the join and leave nodes

5 5 / 21 TGDH Protocol (2/2) Rekeying operation Single leave Single join

6 6 / 21 Interval-Based Rekeying Algorithms (1/4) Overview Constant rekeying frequency regardless of the dynamic join and leave Delay of the update of the group key Tradeoff of weakening both backward and forward secrecy Proposed algorithms Rebuild algorithm Batch algorithm Queue-batch algorithm

7 7 / 21 Interval-Based Rekeying Algorithms (2/4) Rebuild algorithm Reconstructs the whole key tree with the remaining and joining members Resulting tree is a left-complete tree

8 8 / 21 Interval-Based Rekeying Algorithms (3/4) Batch algorithm L > J > 0 J > L > 0

9 9 / 21 Interval-Based Rekeying Algorithms (4/4) Queue-batch algorithm Reduces rekeying load by pre-processing the joining members Two phases Queue-subtree phase Queue-merge phase

10 10 / 21 Performance Evaluation (1/6) Mathematical analysis Two performance measures Number of exponentiation operations Number of renewed nodes Average numbers of exponentiation (J = 128 / 256 / 384) Average number of renewed nodes (J = 128 / 256 / 384)

11 11 / 21 Performance Evaluation (2/6) Experiment 1 Comparison between individual and interval-based rekeying

12 12 / 21 Performance Evaluation (3/6) Experiment 2 Average number of exponentiation (P J = 0.25 / 0.5 / 0.75) Average number of renewed nodes (P J = 0.25 / 0.5 / 0.75)

13 13 / 21 Performance Evaluation (4/6) Experiment 3 Instantaneous number of exponentiation (P J = P L = 0.25 / 0.5 / 0.75) Instantaneous number of renewed nodes (P J = P L = 0.25 / 0.5 / 0.75)

14 14 / 21 Performance Evaluation (5/6) Experiment 4 Performance of Queue-batch at different reset intervals (P J = 0.5) Reconstruction of the key tree using Rebuild every T R rekeying intervals Robustness in maintaining a relatively balanced tree

15 15 / 21 Performance Evaluation (6/6) Experiment 5 Average number of rounds (P J = 0.25 / 0.5 / 0.75) Period during which the group members compute the secret key as far up the key tree as they can

16 16 / 21 Authenticated TGDH (1/5) Overview Provides key authentication for interval-based algorithms Basic idea To couple the session-based group key with the certified permanent private components of the group members Two types of keys Short-term secret and blinded keys Long-term private and public keys Satisfies Perfect forward secrecy Known-key security Key authentication

17 17 / 21 Authenticated TGDH (2/5) Notations Secret key K v Blinded key BK v Blinded key set BK v ’ Set of BK v ’s respectively encrypted by the long-term private key of every descendant of the sibling of the node v Set of descendants of node v, M v ith member, M i, holds Short-term secret key r Mi, and blinded key α r Mi mod p Long-term private key x Mi, and public key α x Mi mod p Two-party, two-pass AK protocol M1M1 M2M2 α r M1 α r M2 Compute (α x M2 ) r M1 * (α r M2 ) r M1 +x M1 = α r M1 r M2 +r M1 x M2 +r M2 x M1 Compute (α x M1 ) r M2 * (α r M1 ) r M2 +x M2 = α r M1 r M2 +r M1 x M2 +r M2 x M1

18 18 / 21 Authenticated TGDH (3/5) A-TGDH protocol Association of a node v with K v and BK v ’ Case 1) v is a nonleaf node with child nodes 2v+1 and 2v+2 Case 2) v is a leaf node associated with member M i

19 19 / 21 Authenticated TGDH (4/5) How A-TGDH works After rekeying, nodes 0, 1 and 2 are renewed 1. Secrete keys of nodes 1 and 2 are computed K 1 = α r M1 r M2 +r M1 x x2 +r M2 x M1 K 2 = α r M3 r M4 +r M3 x x4 +r M4 x M3 2. Sponsor M 1 broadcasts α K 1 x M3 and α K 1 x M4 Sponsor M 2 broadcasts α K 2 x M1 and α K 2 x M2 3. M 1 and M 2 can retrieve α K 2 from α K 2 x M1 and α K 2 x M2 M 3 and M 4 can retrieve α K 1 from α K 1 x M3 and α K 1 x M4 4. Members can compute K 0 = α K 1 K 2 +K 1 (x M3 +x M4 )+K 2 (x M1 +x M2 )

20 20 / 21 Authenticated TGDH (5/5) Comparison between nonauth and auth Queue-batch (P j = 0.25)

21 21 / 21 Conclusion Interval-based distributed rekeying algorithms Rebuild Batch algorithm Queue-batch algorithm Evaluation of interval-based algorithms Authenticated group key agreement protocol

Download ppt "KAIS T Distributed Collaborative Key Agreement and Authentication Protocols for Dynamic Peer Groups IEEE/ACM Trans. on Netw., Vol. 14, No. 2, April 2006."

Similar presentations

Fast and Secure Universal Roaming Service for Mobile Internet Yeali S. Sun, Yu-Chun Pan, Meng-Chang Chen.

Fast and Secure Universal Roaming Service for Mobile Internet Yeali S. Sun, Yu-Chun Pan, Meng-Chang Chen.
A Survey of Key Management for Secure Group Communications Celia Li.

A Survey of Key Management for Secure Group Communications Celia Li.
A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.

A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.
1 Performance Char’ of Region- Based Group Key Management --- in Mobile Ad Hoc Networks --- by Ing-Ray Chen, Jin-Hee Cho and Ding-Chau Wang Presented by.

1 Performance Char’ of Region- Based Group Key Management --- in Mobile Ad Hoc Networks --- by Ing-Ray Chen, Jin-Hee Cho and Ding-Chau Wang Presented by.
Fall, 2011 - Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style A Survey on Decentralized Group Key Management Schemes.

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style A Survey on Decentralized Group Key Management Schemes.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.
SplitStream: High- Bandwidth Multicast in Cooperative Environments Monica Tudora.

SplitStream: High- Bandwidth Multicast in Cooperative Environments Monica Tudora.
URSA: Providing Ubiquitous and Robust Security Support for MANET

URSA: Providing Ubiquitous and Robust Security Support for MANET
An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.

An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.
KAIS T Scalable Key Management for Secure Multicast Communication in the Mobile Environment Jiannong Cao, Lin Liao, Guojun Wang Pervasive and Mobile Computing.

KAIS T Scalable Key Management for Secure Multicast Communication in the Mobile Environment Jiannong Cao, Lin Liao, Guojun Wang Pervasive and Mobile Computing.
Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.

Secure and Efficient Key Management in Mobile Ad Hoc Networks Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, Spyros Magliveras Department of Computer.
1.1 Distributed and Collaborative Key Agreement Protocols with Authentication and Implementation for Dynamic Peer Groups Patrick Pak-Ching LEE.

1.1 Distributed and Collaborative Key Agreement Protocols with Authentication and Implementation for Dynamic Peer Groups Patrick Pak-Ching LEE.
Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.

Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.

Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.

1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Similar presentations

Ads by Google