High-performance secure group communication

Distributed applications increasingly rely on messaging systems to provide secure, uninterrupted service within acceptable throughput and latency parameters. This is difficult to guarantee in a complex network environment that is susceptible to a multitude of human or electronic threats, especially as network attacks have become more sophisticated and harder to contain. Security is a critical component of the survivability of such distributed messaging systems that operate in a dynamic network environment and communicate over insecure networks such as the Internet. This dissertation presents how security techniques can be integrated into group communication systems, a particular case of distributed messaging systems, while maintaining a reasonable level of performance. Many security services (data secrecy, data integrity, entity authentication, etc.) can be bootstrapped if members of the group share a common secret, which makes key management a critical building block. We propose an architecture for secure group communication, relying on a group key management protocol that is efficient, robust to process crashes and network partitions and merges, and protects confidentiality of the data even when long-term keys of the participants are compromised. We show how different group communication semantics can be supported in the proposed architecture, discuss the accompanying trust issues, and present experimental results that offer insights into its scalability and practicality.
