A Framework for Secure Group Key Management

The need for secure group communication is increasingly evident in a wide variety of governmental, commercial, and Internet communities. Secure group key management is concerned with the methods of issuing and distributing group keys, and the management of those keys over a period of time. To provide perfect secrecy, a central group key manager (GKM) has to perform group rekeying for every join or leave request. Fast rekeying is crucial to an application\u27s performance that has large group size, experiences frequent joins and leaves, or where the GKM is hosted by a group member. Examples of such applications are interactive military simulation, secure video and audio broadcasting, and secure peer-to-peer networks. Traditionally, the rekeying is performed periodically for the batch of requests accumulated during an inter-rekey period. The use of a logical key hierarchy (LKH) by a GKM has been introduced to provide scalable rekeying. If the GKM maintains a LKH of degree d and height h, such that the group size n ≤ dh, and the batch size is R requests, a rekeying requires the GKM to regenerate O(R × h) keys and to perform O(d × R × h) keys encryptions for the new keys distribution. The LKH approach provided a GKM rekeying cost that scales to the logarithm of the group size, however, the number of encryptions increases with increased LKH degree, LKH height, or the batch size. In this dissertation, we introduce a framework for scalable and efficient secure group key management that outperforms the original LKH approach. The framework has six components as follows. First, we present a software model for providing secure group key management that is independent of the application, the security mechanism, and the communication protocol. Second, we focus on a LKH-based GKM and introduce a secure key distribution technique, in which a rekeying requires the GKM to regenerate O( R × h) keys. Instead of encryption, we propose a novel XOR-based key distribution technique, namely XORBP, which performs an XOR operation between keys, and uses random byte patterns (BPs) to distribute the key material in the rekey message to guard against insider attacks. Our experiments show that the XORBP LKH approach substantially reduces a rekeying computation effort by more than 90%. Third, we propose two novel LKH batch rekeying protocols . The first protocol maintains a balanced LKH (B+-LKH) while the other maintains an unbalanced LKH (S-LKH). If a group experiences frequent leaves, keys are deleted form the LKH and maintaining a balanced LKH becomes crucial to the rekeying\u27s process performance. In our experiments, the use of a B+-LKH by a GKM, compared to a S-LKH, is shown to substantially reduce the number of LKH nodes (i.e., storage), and the number of regenerated keys per a rekeying by more than 50%. Moreover, the B +-LKH performance is shown to be bounded with increased group dynamics. Fourth, we introduce a generalized rekey policy that can be used to provide periodic rekeying as well as other versatile rekeying conditions. Fifth, to support distributed group key management, we identify four distributed group-rekeying protocols between a set of peer rekey agents. Finally, we discuss a group member and a GKM\u27s recovery after a short failure time

Group Key Management in Wireless Ad-Hoc and Sensor Networks

A growing number of secure group applications in both civilian and military domains is being deployed in WAHNs. A Wireless Ad-hoc Network (WARN) is a collection of autonomous nodes or terminals that communicate with each other by forming a multi-hop radio network and maintaining connectivity in a decentralized manner. A Mobile Ad-hoc Network (MANET) is a special type of WARN with mobile users. MANET nodes have limited communication, computational capabilities, and power. Wireless Sensor Networks (WSNs) are sensor networks with massive numbers of small, inexpensive devices pervasive throughout electrical and mechanical systems and ubiquitous throughout the environment that monitor and control most aspects of our physical world. In a WAHNs and WSNs with un-trusted nodes, nodes may falsify information, collude to disclose system keys, or even passively refuse to collaborate. Moreover, mobile adversaries might invade more than one node and try to reveal all system secret keys. Due to these special characteristics, key management is essential in securing such networks. Current protocols for secure group communications used in fixed networks tend to be inappropriate. The main objective of this research is to propose, design and evaluate a suitable key management approach for secure group communications to support WAHNs and WSNs applications. Key management is usually divided into key analysis, key assignment, key generation and key distribution. In this thesis, we tried to introduce key management schemes to provide secure group communications in both WAHNs and WSNs. Starting with WAHNs, we developed a key management scheme. A novel architecture for secure group communications was proposed. Our proposed scheme handles key distribution through Combinatorial Key Distribution Scheme (CKDS). We followed with key generation using Threshold-based Key Generation in WAHNs (TKGS). For key assignment, we proposed Combinatorial Key Assignment Scheme (CKAS), which assigns closer key strings to co-located nodes. We claim that our architecture can readily be populated with components to support objectives such as fault tolerance, full-distribution and scalability to mitigate WAHNs constraints. In our architecture, group management is integrated with multicast at the application layer. For key management in WSNs, we started with DCK, a modified scheme suitable for WSNs. In summary, the DCK achieves the following: (1) cluster leader nodes carry the major part of the key management overhead; (2) DCK consumes less than 50% of the energy consumed by SHELL in key management; (3) localizing key refreshment and handling node capture enhances the security by minimizing the amount of information known by each node about other portions of the network; and (4) since DCK does not involve the use of other clusters to maintain local cluster data, it scales better from a storage point of view with the network size represented by the number of clusters. We went further and proposed the use of key polynomials with DCK to enhance the resilience of multiple node capturing. Comparing our schemes to static and dynamic key management, our scheme was found to enhance network resilience at a smaller polynomial degree t and accordingly with less storage per node

Group Rekeying Schemes for Secure Group Communication in Wireless Sensor Networks

Wireless sensor networks are promising solutions for many applications. However, wireless sensor nodes suffer from many constraints such as low computation capability, small memory, limited energy resources, and so on. Grouping is an important technique to localize computation and reduce communication overhead in wireless sensor networks. In this paper, we use grouping to refer to the process of combining a set of sensor nodes with similar properties. We propose two centralized group rekeying (CGK) schemes for secure group communication in sensor networks. The lifetime of a group is divided into three phases, i.e., group formation, group maintenance, and group dissolution. We demonstrate how to set up the group and establish the group key in each phase. Our analysis shows that the proposed two schemes are computationally efficient and secure

Group Rekeying Schemes for Secure Group Communication in Wireless Sensor Networks

Wireless sensor networks are promising solutions for many applications. However, wireless sensor nodes suffer from many constraints such as low computation capability, small memory, limited energy resources, and so on. Grouping is an important technique to localize computation and reduce communication overhead in wireless sensor networks. In this paper, we use grouping to refer to the process of combining a set of sensor nodes with similar properties. We propose two centralized group rekeying (CGK) schemes for secure group communication in sensor networks. The lifetime of a group is divided into three phases, i.e., group formation, group maintenance, and group dissolution. We demonstrate how to set up the group and establish the group key in each phase. Our analysis shows that the proposed two schemes are computationally efficient and secure

Architecture for satellite services over cryptographically heterogeneous networks with application into smart grid

The rapid growth in the demand for Future Internet services with many emerging group applications has driven the development of satellite, which is the preferred delivery mechanism due to its wide area coverage, multicasting capability and speed to deliver affordable future services. Nevertheless, security has been one of the obstacles for both satellite services as well as smart grid group applications, especially with logical/geographical/cryptographic domains spanning heterogeneous networks and regions. In this paper, adaptive security architecture is implemented to protect satellite services for smart grid group applications. The focus is on key management and policy provisioning. Leveraging Group Domain of Interpretation (GDOI) as the standard for smart grid centralized key/policy management architecture, a single Domain of Interpretation (DOI) is deployed and evaluated critically in terms of the added protocol signaling overhead on the satellite system for a fixed-network scenario. This also partially realizes the growing trend towards the use of TCP/IP technology for smart grid applications

Scalable and Fault Tolerant Group Key Management

To address the group key management problem for modern networks this research proposes a lightweight group key management protocol with a gossip-based dissemination routine. Experiments show that by slightly increasing workload for the key update mechanism, this protocol is superior to currently available tree-based protocols with respect to reliability and fault tolerance, while remaining scalable to large groups. Java simulations show that the protocol efficiently distributes keys to large groups in the midst of up to 35 percent node failure rates. In addition, it eliminates the need for logical key hierarchy while preserving an overall reduction in rekey messages to rekey a group. The protocol provides a simple “pull” mechanism to ensure perfect rekeys in spite of the primary rekey mechanism’s probabilistic guarantees, without burdening key distribution facilities. Parameters for overlay management and gossip are improved to minimize rekey message traffic while remaining tolerant to node failure