Efficient and secure group key management based on EBS and attribute encryption

Exclusion Basis Systems (EBS) is a combinatorial optimization methodology for key management in group communication. The EBS approach has proven very scalable for large networks and gives great flexibility in network management, but it is highly vulnerable to collusion attacks. In this paper, a novel secure group key management scheme based on EBS and attribute encryption is proposed. Our proposed scheme provides group forward/backward secrecy and is resilient to collusion attacks. Moreover, compared to some previous approaches, performance evaluation shows that our scheme is more efficient in communication (O(m) for a single leave), storage (O(k) for each group member), and computation (O(k) for each group member), where k and m are the numbers of attributes that each member does and does not hold, respectively. Because k and m can be relatively small even in large-scale systems, our new scheme works well in large-scale applications.
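The collusion weakness of plain EBS mentioned above can be seen in a few lines. This is an added example, not code from the paper: it assumes the canonical EBS construction from the EBS literature, in which each member holds a distinct k-subset of k+m administrative keys and a leave is handled by rekeying under the m keys the leaving member lacks. All function names are hypothetical and the 10-member group is constructed sample data.

```python
from itertools import combinations

def ebs_assign(n, k, m):
    """Give each of n members a distinct k-subset of the k+m admin keys."""
    subsets = combinations(range(k + m), k)
    table = {}
    for member in range(n):
        subset = next(subsets, None)
        if subset is None:
            raise ValueError("C(k+m, k) < n: too few distinct key subsets")
        table[member] = frozenset(subset)
    return table

def rekey_keys(table, evicted, k, m):
    """Admin keys that no evicted member holds; rekey messages use these."""
    held = frozenset().union(*(table[e] for e in evicted))
    return frozenset(range(k + m)) - held

def stranded(table, evicted, k, m):
    """Remaining members who hold none of the usable rekey keys."""
    usable = rekey_keys(table, evicted, k, m)
    return [u for u in table if u not in evicted and not table[u] & usable]

def colluding_pairs(table, k, m):
    """Pairs whose pooled keys cover all k+m admin keys."""
    everything = frozenset(range(k + m))
    return [(a, b) for a, b in combinations(sorted(table), 2)
            if table[a] | table[b] == everything]

if __name__ == "__main__":
    K, M = 3, 2
    table = ebs_assign(10, K, M)   # constructed sample: 10 members, 5 keys
    print("member 0 holds", sorted(table[0]))
    print("single leave uses keys", sorted(rekey_keys(table, [0], K, M)))
    print("stranded after single leave:", stranded(table, [0], K, M))
    pairs = colluding_pairs(table, K, M)
    print(len(pairs), "colluding pairs, e.g.", pairs[0])
    print("keys left to exclude that pair:",
          sorted(rekey_keys(table, list(pairs[0]), K, M)))
```

A single leave needs exactly m rekey messages and reaches every remaining member, but any pair whose pooled keys cover the whole key set leaves no administrative key under which both can be excluded.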
