Group key management based on semigroup actions

In this work we provide a suite of protocols for group key management based on general semigroup actions. Construction of the key is made in a distributed and collaborative way. Examples are provided that may in some cases enhance the security level and communication overheads of previous existing protocols. Security against passive attacks is considered and depends on the hardness of the semigroup action problem in any particular scenario.Comment: accepted for publication in Journal of algebra and its application

Distributed Key Management for Secure Role Based Messaging

Secure Role Based Messaging (SRBM) augments messaging systems with role oriented communication in a secure manner. Role occupants can sign and decrypt messages on behalf of roles. This paper identifies the requirements of SRBM and recognises the need for: distributed key shares, fast membership revocation, mandatory security controls and detection of identity spoofing. A shared RSA scheme is constructed. RSA keys are shared and distributed to role occupants and role gate keepers. Role occupants and role gate keepers must cooperate together to use the key shares to sign and decrypt the messages. Role occupant signatures can be verified by an audit service. A SRBM system architecture is developed to show the security related performance of the proposed scheme, which also demonstrates the implementation of fast membership revocation, mandatory security control and prevention of spoofing. It is shown that the proposed scheme has successfully coupled distributed security with mandatory security controls to realize secure role based messaging

Key management practices to reduce the risk of the occurrence of Rumex obtusifolius in productive grasslands

Rumex obtusifolius (broad-leaved dock) is a problematic weed that reduces yield and nutritional value of forage in grasslands of temperate regions worldwide. We conducted an on-farm study to identify management practices and environmental factors that influence the risk of the occurrence of R. obtusifolius in high densities in permanent, productive grasslands used for forage production. Following a common protocol, a paired case–control design was implemented in Switzerland (CH), Slovenia (SI), and United Kingdom (UK) to compare parcels with high densities of R. obtusifolius (cases, ≥1 plant m−2) with nearby parcels free of or with very low densities of the species (controls, ≤4 plants 100 m−2). A total of 40, 20, and 18 pairs were recorded in CH, SI, and UK respectively. Parameters measured included data about management practices and history, vegetation cover and composition, and soil nutrients and texture. Across countries, increased vegetation cover reduced the relative risk of R. obtusifolius occurrence. By contrast, increased soil phosphorus and potassium and high soil bulk density raised the relative risk. These effects were consistent across countries, as no interactions between country and any of the factors were observed. The two indicator species for case parcels, Plantago major and Poa annua, were typical species of disturbed areas and fertile soils, while indicators for control parcels were characteristic of grasslands under medium to high management intensity (e.g., Festuca rubra, Cynosorus cristatus, Anthoxantum odoratum). We conclude that the risk for grassland infestation with R. obtusifolius can be significantly affected by management practices. Prevention measures should target phosphorus and potassium fertilisation to the forage plants' requirements, minimise soil compaction, and maintain dense swards

Key Management Building Blocks for Wireless Sensor Networks

Cryptography is the means to ensure data confidentiality, integrity and authentication in wireless sensor networks (WSNs). To use cryptography effectively however, the cryptographic keys need to be managed properly. First of all, the necessary keys need to be distributed to the nodes before the nodes are deployed in the field, in such a way that any two or more nodes that need to communicate securely can establish a session key. Then, the session keys need to be refreshed from time to time to prevent birthday attacks. Finally, in case any of the nodes is found to be compromised, the key ring of the compromised node needs to be revoked and some or all of the compromised keys might need to be replaced. These processes, together with the policies and techniques needed to support them, are called key management. The facts that WSNs (1) are generally not tamper-resistant; (2) operate unattended; (3) communicate in an open medium; (4) have no fixed infrastructure and pre-configured topology; (5) have severe hardware and resource constraints, present unique challenges to key management. In this article, we explore techniques for meeting these challenges. What distinguishes our approach from a routine literature survey is that, instead of comparing various known schemes, we set out to identify the basic cryptographic principles, or building blocks that will allow practitioners to set up their own key management framework using these building blocks

An Identity Based Key Management Scheme in Wireless Sensor Networks

Pairwise key establishment is one of the fundamental security services in sensor networks which enables sensor nodes in a sensor network to communicate securely with each other using cryptographic techniques. It is not feasible to apply traditional public key management techniques in resource-constrained sensor nodes, and also because the sensor nodes are vulnerable to physical capture. In this paper, we introduce a new scheme called the identity based key pre-distribution using a pseudo random function (IBPRF), which has better trade-off between communication overhead, network connectivity and resilience against node capture compared to the other key pre-distribution schemes. Our scheme can be easily adapted in mobile sensor networks. This scheme supports the addition of new sensor nodes after the initial deployment and also works for any deployment topology. In addition, we propose an improved version of our scheme to support large sensor networks.Comment: 7 pages, Published in Proceedings of 4th Asian International Mobile Computing Conference (AMOC 2006), Kolkata, India, pp. 70-76, January 4-7, 200