Efficient and secure keys management for wireless mobile communications

This paper presents an efficient algorithm for the secure group key management of mobile users. The most promising protocols to deal with group key management are those based on logical key hierarchy (LKH). The LKH model reduces to logarithmic size the resources needed: computation time, message exchanged, and memory space. In the framework of the LKH model, we present a new protocol LKH++ that outperforms the other proposed solutions in the literature. Such performance improvements are obtained exploiting both the properties of one-way hash functions and the information that the users already share in the LKH model. In particular, when a user eviction occurs in LKH++, each remaining user autonomously constructs a new key along the path from the evicted user to the root as a function of a specific logical child key. Therefore, the center can carry on the re-keying phase by distributing only a subset of the new keys and by reducing the number of communications to the users. When a join occurs, a minimal information is broadcast, while most of the communications are unicast toward just the joining user. The proposed LKH++ protocol establishes a group communication of n users requiring to unicast ((n-1)logn)/2 keys, while standard algorithms require to deliver nlogn keys. Such a solution allows the users to form promptly a new group if the wireless ad hoc network should be reconfigured. Moreover, the proposed extension to deal with mass leave and mass join allows a considerable savings in the messages sent by the center, as well as in the computations required by both the center and the users. Finally, the LKH++ protocol enhances the reliability of the key management due to the reduced number of communications needed in the re-keying phase.

[1]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[2]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.

[3]  Dawn Xiaodong Song,et al.  ELK, a new protocol for efficient large-group key distribution , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[4]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[5]  Bernhard Plattner,et al.  Efficient security for large and dynamic multicast groups , 1998, Proceedings Seventh IEEE International Workshop on Enabling Technologies: Infrastucture for Collaborative Enterprises (WET ICE '98) (Cat. No.98TB100253).

[6]  Alan T. Sherman,et al.  Key Management for Large Dynamic Groups: One-Way Function Trees and Amortized Initialization , 2000 .

[7]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[8]  David Hutchison,et al.  EHBT: An Efficient Protocol for Group Key Management , 2001, Networked Group Communication.

[9]  Alan T. Sherman,et al.  Key Establishment in Large Dynamic Groups Using One-Way Function Trees , 2003, IEEE Trans. Software Eng..

[10]  Avishai Wool,et al.  Key management for restricted multicast using broadcast encryption , 2000, TNET.

[11]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[12]  Eric Harder,et al.  Logical Key Hierarchy Protocol , 1999 .

[13]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[14]  R. Safavi-Naini,et al.  Cryptographic Hash Functions: a Survey , 1995 .

[15]  Ran Canetti,et al.  Efficient Communication-Storage Tradeoffs for Multicast Encryption , 1999, EUROCRYPT.

[16]  James H. Burrows,et al.  Secure Hash Standard , 1995 .

[17]  Xiaozhou Li,et al.  Reliable group rekeying: a performance analysis , 2001, SIGCOMM '01.

[18]  Nathalie Weiler,et al.  The VersaKey framework: versatile group key management , 1999, IEEE J. Sel. Areas Commun..

[19]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Architecture , 1997, RFC.

[20]  Tim Kindberg,et al.  An authorization infrastructure for nomadic computing , 2002, SACMAT '02.

[21]  Reihaneh Safavi-Naini,et al.  New constructions for multicast re-keying schemes using perfect hash families , 2000, CCS.

[22]  Li Gong,et al.  Multicast security and its extension to a mobile environment , 1995, Wirel. Networks.

[23]  Mihir Bellare,et al.  Increasing the Lifetime of a Key: A Comparative Analysis of the Security of Re-keying Techniques , 2000, ASIACRYPT.