Abstract: Group communication is widely used by most emerging network applications, such as telecommunication, video conferencing, simulation applications, and distributed and other interactive systems. Secured group communication plays a vital role in providing the integrity, authenticity, confidentiality, and availability of the messages delivered among the group members, with respect to communicating securely between groups or within the group. In secure group communications, the time cost associated with key updating during member join and departure is an important aspect of the quality of service, particularly in large groups with highly active membership. Hence, the paper aims to achieve better cost and time efficiency through an improved DC multicast routing protocol, which is used to expose the path between the nodes participating in the group communication. During this process, each node constructs an adaptive Ptolemy decision tree for the purpose of generating the contributory key. Each of the nodes is comprised of three keys, which are exchanged between the nodes to derive the group key for secure and cost-efficient group communication. The rekeying process is performed when a member leaves or joins the group. The performance of the novel approach is measured on important factors such as computational and communication cost, the rekeying process, and formation of the group. The study concludes that the technique reduces the computational and communication cost of secure group communication when compared to other existing methods.
Abstract: Network security protocols such as IPsec have been used for many years to ensure robust end-to-end communication and are important in the context of SDN. Despite the widespread installation of IPsec to date, the per-packet protection offered by the protocol is not very compatible with OpenFlow and flow-like behavior. The OpenFlow architecture cannot aggregate IPsec-ESP flows in transport mode or tunnel mode because layer-3 information is encrypted and therefore unreadable. In this paper, we propose using the Security Parameter Index (SPI) of IPsec within the OpenFlow architecture to identify and direct IPsec flows. This enables IPsec to conform to the packet-based behavior of the OpenFlow architecture. In addition, by distinguishing between IPsec flows, the architecture is particularly suited to secure group communication.
Abstract: By introducing the XOR operation and one-way function chains to group key management schemes based on the keys tree, a new group key management scheme based on the keys tree, the XOR operation and one-way function chains is proposed. Initialization, member adding and member evicting operations are introduced. The new scheme is compared with three other group key management schemes which are based on the keys tree: SKDC, LKH, and OFF. As far as transmission, computation and storage costs are concerned, the performance of the new group key management scheme is the best. The security of the new scheme is analyzed. The new scheme provides backward and forward security, i.e., newly admitted group members cannot read previous multicast messages and evicted members cannot read future multicast messages, even with collusion by many arbitrarily evicted members.
Funding: Supported by the National Basic Research and Development Program of China (2007CB307102)
Abstract: Time efficiency of key establishment and update is one of the major problems contributory key management schemes strive to address. To achieve better time efficiency in key establishment, we propose a Location-based Huffman (L-Huffman) scheme. First, users are separated into several small groups to minimize communication cost when they are distributed over large networks. Second, both users' computation difference and message transmission delay are taken into consideration when Huffman coding is employed to form the optimal key tree. Third, the combined weights in the Huffman tree are located in a higher place of the key tree to reduce the variance of the average key generation time and minimize the longest key generation time. Simulations demonstrate that L-Huffman has much better performance in wide area networks, and is a little better in local area networks, than the Huffman scheme.
Funding: Supported by Chang Gung University (No. UARPD390111), the Chang Gung Memorial Hospital (No. CMRPD390031), and the National Science Council (No. 98-2410-H-182-007-MY2)
Abstract: A conference key establishment protocol allows a group of conferees to agree on a secret key shared among them for secure group communication. This paper proposes a three-level conference key establishment protocol based on the Universal Mobile Telecommunications System (UMTS) framework to establish a group-level key, home location register (HLR) level keys, and visitor location register (VLR) level keys simultaneously for a group of conferees. The group-level key is used to secure the communications for all conferees, the HLR-level key is for those within the same HLR domain, and the VLR-level key is for those within the same VLR domain. The group-level key can be used for securing inter-domain group-oriented applications such as commercial remote conferencing systems. The HLR- and VLR-level keys can be used for securing intra-domain subgroup applications (e.g., location-based or context-aware services) and dynamic key updating. Since our proposed protocol exploits existing UMTS security functions and the exclusive-or operation, it is compatible with the UMTS architecture. This means that it is fast and easy to implement on the existing UMTS architecture. Furthermore, the proposed protocol has low computational complexity and can provide cost effectiveness, load amortization, scalability, user authentication, key establishment, key confirmation, key updating, and lawful interception.