tree based scalable secure group communication
TRANSCRIPT
-
8/10/2019 Tree Based Scalable Secure Group Communication
1/4
Bonfring International Journal of Research in Communication Engineering, Vol. 1, Special Issue, December 2011 1
ISSN 2250110X | 2011 Bonfring
Abstract--- In order to establish a group communication,
a common key must be available with all the members of the
group. The group key can be used for encrypting databetween the group members or restricting access to the
resources intended for group members only. Each member in
a group has a unique key referred as member key, used for
decrypting data in a group. The group key is distributed by
group key server, which changes the group key time to time
called as group rekeying. It is mandatory that the group key
changes after a new user has joined and an existing user
departed periodically. The existing system analyse the
Bursty behaviour and operation. Burstiness is an important
behavior in Secure Group Communication (SGC).
Performing bursty operation, which may accumulate the
simultaneous leave and join as a single operation, thus
reduces the frequency of key distribution and reduces time
complexity. But in the existing system the aggregate
operation will occur only in rare condition so it may not
perform the key reduction in all cases as well as it perform
less scalability and security. To achieve better scalability,
security and key reduction a new group key management
protocol based on the Chinese Remainder Theorem and a
hierarchical tree is proposed, in which each node contains a
key and a modulus. The Keys and modulus are constructed as
a tree and maintained by the key server. The key server
shares the keys with each member on the path from its leaf to
the root. The keys on its path from the leaf to the root need to
be updated in the protocol, when a member joins or leavesthe group but all modulus must be kept fixed. To update the
keys on the tree, the key server generates a new key for each
update node and encrypts it with its children keys on its path
from the leaf to the root. Thus the new scalable protocol
increases the security, scalability issues when the group size
goes up to millions of members and reduces the key.
Keywords--- Re-Keying, Scalability, Group key
Management.
I.INTRODUCTION
HE advances in communication and networkingtechnologies have paved ways for people to share and
disseminate information. Along with the growing exchange
of information, the security of communications has drawn
increasing attention. An important aspect of communication
M. Rameeya, Assistant Professor, Department of Computer Science and
Engineering, Mepco Schlenk College of Engineering. E-mail:
S. Oswalt Manoj, Assistant Professor, Department of Computer Science
and Engineering, Sri Ramakrishna Institute of Technology. E-mail:
security is content confidentiality. Secure group
communication (SGC) is becoming more popular in the
Internet. Examples of such applications include videoconferencing, interactive group games, TV over internet, e-
learning, and public stock quote broadcasting. As an
important and mandatory building block for multicast
applications, multicast security has been extensively
researched in the past decades for protecting multicast
communications. The research on multicast security addresses
authentication, confidentiality, and access control, among
other areas, where group key management is a key
component. Even though Internet multicast capability
provides an efficient way for secure group communication
applications, the security of multicast applications is
guaranteed by cryptographic techniques. The most important
feature of SGC is group dynamics by which we mean that
members can join and/or leave a group at any time. To
achieve confidentiality in group communications, a key
known to all group members is used to encrypt the
communication content. This key is usually referred to as the
group key. In a group with dynamic membership, the group
key needs to be updated upon each users join to prevent the
new user from accessing the past communications. Similarly,
upon each users departure, the group key needs to be updated
to prevent the leaving user from accessing the future
communications. Thus group members need to agree upon
the same key management protocol for key establishment and
update.The biggest challenge caused by group dynamics is that
when member(s) join or leave a group, the group key(s) must
be changed in an efficient and scalable way to prevent the
joining/leaving member from decrypting the previous/future
messages.
In existing burstiness is an important behavior in SGC.
Performing bursty operation in one aggregate operation is
important for reduce the rekeying message. When the
frequency of membership changes is high, it becomes
necessary to reduce the cost of frequent key distributions. One
feasible way is to accumulate the joins and leaves for a certain
period of time, thus reducing the frequency of keydistributions. This can be considered as another kind of bursty
behavior. Performing a bursty operation in one aggregate
operation is important for reducing the number of rekeying
messages, reducing the frequency of key distributions. This
may maximizes key management efficiency in secure, but
relatively dynamic, group communication. This technique is
based on logical key hierarchy. The aggregation of key
updates can reduce the cost of key distribution operations.
However, they are still vulnerable to scalability issues when
the group size goes up to millions of members and the re-key
Tree Based Scalable Secure Group CommunicationM. Rameeya and S. Oswalt
T
-
8/10/2019 Tree Based Scalable Secure Group Communication
2/4
Bonfring International Journal of Research in Communication Engineering, Vol. 1, Special Issue, December 2011 2
ISSN 2250110X | 2011 Bonfring
messages require strong security protection such as signature.
Figure 1: A Tree with Nodes Containing Key and
Modulus.
In this paper, we propose a new group key based on the
Chinese Remainder Theorem and a hierarchical tree graph in
which each node contains a key and a modulus. The protocol
is designed to minimize re-key messages, bandwidth usage,
encryption, and signature operations. In the new protocol, the
keys and moduli are constructed as a tree and maintained by
the key server. The tree graph is similar to the tree graph in
the logical key hierarchy protocol but each node of the tree in
the new protocol is assigned two values: a key and a modulus.
The key server shares the keys with each member on the path
from its leaf to the root. The keys on its path from the leaf to
the root need to be updated in the protocol when a member
joins or leaves the group but all moduli must be kept fixed.
II.
RELATED WORK
One feasible way is to accumulate the joins and leaves
(Chang et al., 1999) for a certain period of time, thus
reducing the frequency of key distributions. There has been
extensive research focusing on group dynamics in
SGC(Burmester & Desmedt, 1999), (Caronni et al., 1998),
(Ingemarsson et al., 1982),(Iolus, 1997), (Molva & Pannetrat,
1999), (Noubir, 1998).The Local Key Hierarchy(LKH)
protocol(wong et al, 2000) they reduce the re-key message.
However most of them place the emphasis on single join and
single leave, i.e., reducing the number of rekeying messages
when a member joins/leaves. A key tree scheme (Caronni et
al, 1998),(Noubir ,1998) processing multiple joins and leaves
in aggregation is possible and will reduce the number of
rekeying messages.The best time to join a group is when a
member leaves, as the new member just need to replace the
position previously occupied by the leaving member, and all
tha keys held by the latter are updated(zou et al,
2002).Rekeying operation, allowing member to share the
keys(wong et al,2000). key-tree key management protocol
(Caronni et al., 1998), (Noubir ,1998 ),(Wong et al., 1998)
for secure group communication to situations with bursty user
arrival and departure patterns, especially when multiple joins
and multiple leaves occur at the same time.
The typical
schemes for SGC with the emphasis on key tree scheme
(Caronni et al., 1998), (Noubir ,1998),(Wong et al., 1998) .
In other schemes (Burmester & Desmedt, 1995), (Dondeti,
1999),(Tang et al., 1982),(Steer et al, 1990),(Steiner et al.,
1996) the group key is generated by uniform contributions
from all group members. Based on the structural organization
of group members, most schemes do not split members
whereas some schemes (Dondeti et al., 1999),(Dondeti,
1999),(Mittra, 1997) divide group members into distinct
subgroups, resulting in two levels of key management and
increasing the scalability. To achieve confidentiality in group
communications, a key known to all group members is used
to encrypt the communication content (Judge & Ammar ,
2002),(Canetti et al., 1999).
III.
BURSTY BEHAVIOUR
A. Existing Schemes for Secure Group Communication
We summarize and classify secure group communication
schemes in this section. Based on the number of senders,
SGC applications can be divided into two categories:
broadcast communication, i.e., one-to-many communication
and conference communication, i.e., many-to-many
communication. Schemes are suitable for both kinds of
applications. Based on how the group key is formed, some
schemes require a Group Controller (GC) which generates
group key and distributes the key to group members. In other
schemes, the group key is generated by uniform contributions
from all group members. The bursty operation is based on the
tree based key management in which when the frequency of
membership changes is high, it become necessary to reduce
the cost of frequent key distributions. One feasible way is to
accumulate the join and leave for a certain period of time,
thus reducing the rekeying process.
Based on the structural organization of group members,
most schemes do not split members whereas some schemes
divide group members into distinct subgroups, resulting in
two levels of key management and increasing the scalability.
In the later case, the subgroup manager may be a member of
the group or not and may be trusted or not. Based on the kind
of security, the SGC schemes may be classified as
unconditionally secure or computationally secure.
The members of the group are placed at leaf nodes of
the tree. The nodes in the tree are assigned keys. The key at
the root is the traffic encryption key (TEK) Every member is
assigned the keys along the path from its leaf to the root. In
the new protocol, the keys and moduli are constructed as a
tree and maintained by the key server. The nodes in the
different level of the tree are assigned with the different
moduli but each a pair of siblings at the same tree depth are
assigned with the same two moduli under the different
-
8/10/2019 Tree Based Scalable Secure Group Communication
3/4
Bonfring International Journal of Research in Communication Engineering, Vol. 1, Special Issue, December 2011 3
ISSN 2250110X | 2011 Bonfring
parents.
The key server shares the keys with each member on the
path from its leaf to the root. The keys on its path from the
leaf to the root need to be updated in the protocol when a
member joins or leave the group but all moduli must be kept
fixed. To update the key, the key server generates a new key
and encrypts it with its children key on its path from the leaf
to the root.
IV.REKEYING STRATEGIES
A user who wants to join /leave a secure group sends a
join/ leave request to the key server, denoted by s. For a join
request from user u, we assume that group access control is
performed by server using an access control list provided by
the initiator of the secure group. A join request initiates an
authentication exchange between u and s. If user is not
authorized to join the group, server s sends a join-denied
reply to u. If the join request is granted, then a key is
distributed as a result of the authentication exchange by the
individual key ku of u. Key exchange between server s and
user u, and secure distribution of key kuto be shared by u and
s.
After each join or leave, a new secure group is formed.
Server s has to update the group's key graph by replacing the
keys of some existing k-nodes, deleting some k-nodes (in the
case of a leave), and adding some -nodes (in the case of a
join). It then securely sends rekey messages containing new
group/subgroup keys to users of the new secure group.
V.TREE BASED SCALABILITY OF SGC
Our new scalable group key management protocol is based
on the following: the Chinese Remainder Theorem and ahierarchical graph in which each node contains a key and a
modulus. The protocol is designed to minimize re-key
messages, bandwidth usage, encryption, and signature
operations. Chinese Remainder Theorem: Let m1, m2,
...mn be n positive integers where they are pairwise
relatively prime (i.e. gcd(mi,mj)=1 for ij , 1i, jn),
R1,R2, ...Rnbe any positive integers, and M=m1m2...mn.
Then the set of linear congruous equations XR1mod m1,
...XRnmod mnhave a unique solution as:
X= MyMRn
i
iii mod1
whereMi=M/mi and yi=M 1
i mod mi .
In the new protocol, the keys and moduli are constructed
as a tree and maintained by the key server. The tree graph is
similar to the tree graph in the LKH protocol but each node of
the tree in the new protocol is assigned two values: a key and
a modulus. Figure 1 depicts the key and modulus graph,
where TEK is a traffic encryption key, kijis a key encryption
key, and mijis a modulus.
A.
Moduli Maintenance
The key server needs to store 2log2n moduli and each
member needs to store log2n moduli but theydo not need to
keep the moduli secret. The sibling nodes in the tree graph
are assigned with two different moduli (i.e., mi1 and mi2
where i is the depth of the tree) and the nodes in the different
level of the tree are assigned with the different modulibut
each a pair of siblings at the same tree depth are assigned
with the same two moduli under the different parents .Thismeans there are only 2log2n different moduli in the tree
graph, i.e. mij(1ilog2n, j=1, 2) where i is the depth of the
node in the tree, and the nodes (except the root) on a path
from a leaf to the root and its direct children exactlycover all
moduli. In addition, all different moduli in the tree graph
should be pair wise relatively prime i.e., gcd(mij,mst)=1 and
each modulus should be bigger than thekey encryption value,
i.e mij>Eilk
(kst) where mij and kil belong to the same node
and kstbelongs to its parent node.
B.
Key Maintenance
The key server needs to store 2n-1 keys, and each member
needs to store log2n+1 keys. The key server shares the keys
with each member on the path from its leaf to the root. The
keys on its path from the leaf to the root need to be updated in
the protocol when a member joins or leaves the group but all
moduli must be kept fixed.
To update the keys on the tree graph, the key server
generates a new key for each update node and encrypts it with
its children keys on its path from the leaf to the root. For
instance, the key server needs to generate new keys {TEK,
kil} to update {TEK, kil} for the arrival of member to the
group.
The key server then calculates a lock L as follows and
multicasts the lock with the indices of keys to all valid
members.
L=1log
1
mod2 z
zt
sjsjst
n
s
MyMk
Where,
z=12/
2/
2
2
log
log
sn
sn
d
dif
snd 2log2/ is odd
,2
,1j if t 1 mod2, otherwise
M=2
1
log
1
,2
j
sj
n
s
m M ,/ sjsj mM y sjsjsj mM mod1
Each member decrypt the updated traffic encryption key
and related key encryption keys based on their own moduli
and keys.
-
8/10/2019 Tree Based Scalable Secure Group Communication
4/4