Scalable and Secure Dynamic Key Management and Channel Aware Routing in Mobile Adhoc Networks

A MANET (Mobile Ad-hoc Network) is an infrastructure-less self configuring wireless networks of routers. Key management is at the center of providing network security via cryptographic mechanisms with a high-availability feature. Dynamic key is the efficient assistance for network scalability. Routing protocol used here is a form of reactive routing called CA-AOMDV and compared with Table driven routing called DSDV. Channel aware routing protocol quality of the channel which can be measured in terms of suitable metrics. This paper leads to an emphasis on Black hole attack and to develop a dynamic key framework using RSA algorithm

A Framework for Secure Group Key Management

The need for secure group communication is increasingly evident in a wide variety of governmental, commercial, and Internet communities. Secure group key management is concerned with the methods of issuing and distributing group keys, and the management of those keys over a period of time. To provide perfect secrecy, a central group key manager (GKM) has to perform group rekeying for every join or leave request. Fast rekeying is crucial to an application\u27s performance that has large group size, experiences frequent joins and leaves, or where the GKM is hosted by a group member. Examples of such applications are interactive military simulation, secure video and audio broadcasting, and secure peer-to-peer networks. Traditionally, the rekeying is performed periodically for the batch of requests accumulated during an inter-rekey period. The use of a logical key hierarchy (LKH) by a GKM has been introduced to provide scalable rekeying. If the GKM maintains a LKH of degree d and height h, such that the group size n ≤ dh, and the batch size is R requests, a rekeying requires the GKM to regenerate O(R × h) keys and to perform O(d × R × h) keys encryptions for the new keys distribution. The LKH approach provided a GKM rekeying cost that scales to the logarithm of the group size, however, the number of encryptions increases with increased LKH degree, LKH height, or the batch size. In this dissertation, we introduce a framework for scalable and efficient secure group key management that outperforms the original LKH approach. The framework has six components as follows. First, we present a software model for providing secure group key management that is independent of the application, the security mechanism, and the communication protocol. Second, we focus on a LKH-based GKM and introduce a secure key distribution technique, in which a rekeying requires the GKM to regenerate O( R × h) keys. Instead of encryption, we propose a novel XOR-based key distribution technique, namely XORBP, which performs an XOR operation between keys, and uses random byte patterns (BPs) to distribute the key material in the rekey message to guard against insider attacks. Our experiments show that the XORBP LKH approach substantially reduces a rekeying computation effort by more than 90%. Third, we propose two novel LKH batch rekeying protocols . The first protocol maintains a balanced LKH (B+-LKH) while the other maintains an unbalanced LKH (S-LKH). If a group experiences frequent leaves, keys are deleted form the LKH and maintaining a balanced LKH becomes crucial to the rekeying\u27s process performance. In our experiments, the use of a B+-LKH by a GKM, compared to a S-LKH, is shown to substantially reduce the number of LKH nodes (i.e., storage), and the number of regenerated keys per a rekeying by more than 50%. Moreover, the B +-LKH performance is shown to be bounded with increased group dynamics. Fourth, we introduce a generalized rekey policy that can be used to provide periodic rekeying as well as other versatile rekeying conditions. Fifth, to support distributed group key management, we identify four distributed group-rekeying protocols between a set of peer rekey agents. Finally, we discuss a group member and a GKM\u27s recovery after a short failure time

A practical key management and distribution system for IPTV conditional access

Conditional Access (CA) is widely used by pay-television operators to restrict access to content to authorised subscribers. Commercial CA solutions are available for structured broadcast and Internet Protocol Television (IPTV) environments, as well as Internet-based video-on-demand services, however these solutions are mostly proprietary, often inefficient for use on IP networks, and frequently depend on smartcards for maintaining security. An efficient, exible, and open conditional access system that can be implemented practically by operators with large numbers of subscribers would be beneficial to those operators and Set-Top-Box manufacturers in terms of cost savings for royalties and production costs. Furthermore, organisations such as the South African Broadcasting Corporation that are transitioning to Digital-Terrestrial-Television could use an open Conditional Access System (CAS) to restrict content to viewing within national borders and to ensure that only valid TV licence holders are able to access content. To this end, a system was developed that draws from the area of group key management. Users are grouped according to their subscription selections and these groups are authorised for each selection's constituent services. Group keys are updated with a key-tree based approach that includes a novel method for growing full trees that outperforms the standard method. The relations that are created between key trees are used to establish a hierarchy of keys which allows exible selection of services whilst maintaining their cryptographic protection. Conditions for security without dependence on smartcards are defined, and the system is expandable to multi-home viewing scenarios. A prototype implementation was used to assess the proposed system. Total memory consumption of the key-server, bandwidth usage for transmission of key updates, and client processing and storage of keys were all demonstrated to be highly scalable with number of subscribers and number of services

A key Management Scheme for Access Control to GNSS Services

Conditional access is a challenging problem in GNSS scenarios. Most key management schemes present in literature can not cope with all GNSS related issues, such as extremely low bandwidth, stateless receivers and the absence of an aiding channel. After assessing existing techniques, a novel key management scheme called RevHash has been devised with particular emphasis on guaranteeing revocation capabilities to the system, in order for it to be robust against anomalies and attacks

Securing Multi-Layer Communications: A Signal Processing Approach

Security is becoming a major concern in this information era. The development in wireless communications, networking technology, personal computing devices, and software engineering has led to numerous emerging applications whose security requirements are beyond the framework of conventional cryptography. The primary motivation of this dissertation research is to develop new approaches to the security problems in secure communication systems, without unduly increasing the complexity and cost of the entire system. Signal processing techniques have been widely applied in communication systems. In this dissertation, we investigate the potential, the mechanism, and the performance of incorporating signal processing techniques into various layers along the chain of secure information processing. For example, for application-layer data confidentiality, we have proposed atomic encryption operations for multimedia data that can preserve standard compliance and are friendly to communications and delegate processing. For multimedia authentication, we have discovered the potential key disclosure problem for popular image hashing schemes, and proposed mitigation solutions. In physical-layer wireless communications, we have discovered the threat of signal garbling attack from compromised relay nodes in the emerging cooperative communication paradigm, and proposed a countermeasure to trace and pinpoint the adversarial relay. For the design and deployment of secure sensor communications, we have proposed two sensor location adjustment algorithms for mobility-assisted sensor deployment that can jointly optimize sensing coverage and secure communication connectivity. Furthermore, for general scenarios of group key management, we have proposed a time-efficient key management scheme that can improve the scalability of contributory key management from O(log n) to O(log(log n)) using scheduling and optimization techniques. This dissertation demonstrates that signal processing techniques, along with optimization, scheduling, and beneficial techniques from other related fields of study, can be successfully integrated into security solutions in practical communication systems. The fusion of different technical disciplines can take place at every layer of a secure communication system to strengthen communication security and improve performance-security tradeoff

Low-cost group rekeying for unattended wireless sensor networks

Wireless sensor networks (WSNs) are made up of large groups of nodes that perform distributed monitoring services. Since sensor measurements are often sensitive data acquired in hostile environments, securing WSN becomes mandatory. However, WSNs consists of low-end devices and frequently preclude the presence of a centralized security manager. Therefore, achieving security is even more challenging. State-of-the-art proposals rely on: (1) attended and centralized security systems; or (2) establishing initial keys without taking into account how to efficiently manage rekeying. In this paper we present a scalable group key management proposal for unattended WSNs that is designed to reduce the rekeying cost when the group membership changes.Peer ReviewedPostprint (published version

Smart Wireless Sensor Networks

The recent development of communication and sensor technology results in the growth of a new attractive and challenging area - wireless sensor networks (WSNs). A wireless sensor network which consists of a large number of sensor nodes is deployed in environmental fields to serve various applications. Facilitated with the ability of wireless communication and intelligent computation, these nodes become smart sensors which do not only perceive ambient physical parameters but also be able to process information, cooperate with each other and self-organize into the network. These new features assist the sensor nodes as well as the network to operate more efficiently in terms of both data acquisition and energy consumption. Special purposes of the applications require design and operation of WSNs different from conventional networks such as the internet. The network design must take into account of the objectives of specific applications. The nature of deployed environment must be considered. The limited of sensor nodes� resources such as memory, computational ability, communication bandwidth and energy source are the challenges in network design. A smart wireless sensor network must be able to deal with these constraints as well as to guarantee the connectivity, coverage, reliability and security of network's operation for a maximized lifetime. This book discusses various aspects of designing such smart wireless sensor networks. Main topics includes: design methodologies, network protocols and algorithms, quality of service management, coverage optimization, time synchronization and security techniques for sensor networks

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security