Key distribution and update for secure inter-group multicast communication

Group communication has become an important component in wireless networks. In this paper, we focus on environments in which multiple groups coexist in the system, and both intra-group and inter-group multicast traffic must be protected by secret keys. We propose a mechanism that integrates polynomials with flat tables to achieve personal key share distribution and efficient key refreshment during group changes. The proposed mechanism distributes keys via true broadcast. The contributions of the research include: (1) By switching from asymmetric algorithms to symmetric encryption methods, the proposed mechanism avoids heavy computation and improves the processing efficiency of multicast traffic and the power usage at the wireless nodes. The group managers do not have to generate public-private key pairs when group membership changes. (2) It becomes more difficult for an attacker to impersonate another node since personal key shares are adopted. The additional storage overhead at the wireless nodes and the increased broadcast traffic during key refreshment are justified. In addition, we describe techniques to improve the robustness of the proposed mechanism under complicated scenarios such as collusive attacks and batch group member changes.
