Blockchain-Based Key Management Scheme Using Rational Secret Sharing

Traditional blockchain key management schemes store private keys in the same location,which can easily lead to security issues such as a single point of failure.Therefore,decentralized threshold key management schemes have become a research focus for blockchain private key protection.The security of private keys for blockchain user wallet is highly related to user identity authentication and digital asset security.The threshold blockchain private key management schemes based on verifiable secret sharing have made some progress,but these schemes do not consider participants’self-interested behavior,and require trusted nodes to keep private key fragments,resulting in a narrow application scope and low deployment efficiency,which cannot meet the needs of personal wallet private key escrow and recovery in public blockchains.We design a private key management scheme based on rational secret sharing that considers the self-interest of participants in secret sharing protocols,and constrains the behavior of rational participants through reasonable mechanism design,making it more suitable in distributed scenarios such as the public blockchain.The proposed scheme achieves the escrow and recovery of personal wallet private keys without the participation of trusted nodes,and simulate its implementation on smart contracts.Compared to other existing threshold wallet solutions and keymanagement schemes based on password-protected secret sharing(PPSS),the proposed scheme has a wide range of applications,verifiable private key recovery,low communication overhead,higher computational efficiency when users perform one-time multi-key escrow,no need for trusted nodes,and personal rational constraints and anti-collusion attack capabilities.

A Key Management Scheme Using(p,q)-Lucas Polynomials in Wireless Sensor Network

Wireless Sensor Network(WSN)has witnessed an unpredictable growth for the last few decades.It has many applications in various critical sectors such as real-time monitoring of nuclear power plant,disaster management,environment,military area etc.However,due to the distributed and remote deployment of sensor nodes in such networks,they are highly vulnerable to different security threats.The sensor network always needs a proficient key management scheme to secure data because of resourceconstrained nodes.Existing polynomial based key management schemes are simple,but the computational complexity is a big issue.Lucas polynomials,Fibonacci polynomials,Chebychev polynomials are used in Engineering,Physics,Combinatory and Numerical analysis etc.In this paper,we propose a key management scheme using(p,q)-Lucas polynomial to improve the security of WSN.In(p,q)-Lucas polynomial,p represents a random base number while q represents a substitute value of x in the polynomial.The value of p is unique,and q is different according to communication between nodes.Analysis of the proposed method on several parameters such as computational overhead,efficiency and storage cost have been performed and compared with existing related schemes.The analysis demonstrates that the proposed(p,q)-Lucas polynomial based key management scheme outperforms over other polynomials in terms of the number of keys used and efficiency.

Self-Organized Public-Key Management for Mobile Ad Hoc Networks Based on a Bidirectional Trust Model

In traditional networks , the authentication is performed by certificate authoritys（CA）,which can＇t be built in distributed mobile Ad Hoc Networks however. In this pa per, we propose a fully self-organized public key management based on bidirectional trust model without any centralized authority that allows users to generate their public-private key pairs, to issue certificates, and the trust relation spreads rationally according to the truly human relations. In contrast with the traditional self-organized public-key management, the average certificates paths get more short, the authentication passing rate gets more high and the most important is that the bidirectional trust based model satisfys the trust re quirement of hosts better.

A Secure Key Management Scheme for Heterogeneous Secure Vehicular Communication Systems

Intelligent transportation system （ITS） is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highly depends on the security level of vehicular communication systems （VCS）. Security applications in VCS are fulfilled through secured group broadcast. Therefore, secure key management schemes are considered as a critical research topic for network security. In this paper, we propose a framework for providing secure key management within heterogeneous network. The seeurity managers （SMs） play a key role in the framework by retrieving the vehicle departnre infi^rmation, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel Group Key Management （GKM） scheme basing on leaving probability （LP） of vehicles to depart current VCS region. Vehicle＇s LP factor is introduced into GKM scheme to achieve a more effieient rekeying scheme and less rekeying costs. The second component of the framework using the blockchain concept to simplify the distributed key management in heterogeneous VCS domains. Extensive simulations and analysis are provided to show the effectiveness and effieiency of the proposed framework： Our GKM results demonstrate that probability-based BR reduees rekeying eost compared to the benchmark scheme, while the blockchain deereases the time eost of key transmission over heterogeneous net-works.

Complex Threshold Key Management for Ad Hoc Network

A complex threshold key management framework has been proposed, which canaddress the challenges posed by the unique nature of Ad hoc network. Depending on the cooperation ofthe controller and participation nodes, this scheme should be efficient in the operationenvironmental alteration and toleianl faults of node, which take the advantages of the benefits ofboth key management approaches and alleviate their limitations. For the cooperation of thecontroller and participation nodes, a (t, n) threshold Elliptic curve sign-encryption scheme withthe specified receiver also has been proposed. Using this threshold sign-encryption scheme, the keymanagement distributes the trust between a controller and a set of participation nodes.

Key Management Using Chebyshev Polynomials for Mobile Ad Hoc Networks

A dedicated key server cannot be instituted to manage keys for MANETs since they are dynamic and unstable. The Lagrange's polynomial and curve fitting are being used to implement hierarchical key management for Mobile Ad hoc Networks(MANETs). The polynomial interpolation by Lagrange and curve fitting requires high computational efforts for higher order polynomials and moreover they are susceptible to Runge's phenomenon. The Chebyshev polynomials are secure, accurate, and stable and there is no limit to the degree of the polynomials. The distributed key management is a big challenge in these time varying networks. In this work, the Chebyshev polynomials are used to perform key management and tested in various conditions. The secret key shares generation, symmetric key construction and key distribution by using Chebyshev polynomials are the main elements of this projected work. The significance property of Chebyshev polynomials is its recursive nature. The mobile nodes usually have less computational power and less memory, the key management by using Chebyshev polynomials reduces the burden of mobile nodes to implement the overall system.

Review of Key Management Mechanisms in Wireless Sensor Networks

Recent advancements in wireless communication and microchip techniques have accelerated the development of wireless sensor networks (WSN). Key management in WSN is a critical and challenging problem because of the inner characteristics of sensor networks: deployed in hostile environments, limited resource and ad hoc nature. This paper investigates the constraints and special requirements of key management in sensor network environment, and some basic evaluation metrics are introduced. The key pre-distribution scheme is thought as the most suitable solution for key management problem in wireless sensor networks. It can be classified into four classes: pure probabilistic key pre-distribution, polynomial-based, Blom's matrix-based, and deterministic key pre-distribution schemes. In each class of methods, the related research papers are discussed based on the basic evaluation metrics. Finally, the possible research directions in key management are discussed.

An Efficient Key Management Protocol for Wireless Sensor Networks

Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy（LEACH） for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.

A MULTICAST KEY MANAGEMENT SCHEME BASED ON CHARACTERISTIC VALUES OF MEMBERS

A new collusion attack on Pour-like schemes is proposed in this paper. Then, we present a collusion-free centralized multicast key management scheme based on characteristic values of members. The re-keying method that other group members calculate new keys when a member is joining or leaving is also designed. It achieves forward secrecy and backward secrecy. Compared with typical existing centralized schemes, the storage of Group Key Controller (GKC) in our scheme halves the storage overhead of others, and communication overhead of GKC is 2 in case of joining re-keying. Especially, the leaving re-keying overhead is and the overall performance is excellent.

Lightweight Key Management Scheme Using Fuzzy Extractor for Wireless Mobile Sensor Network

The mature design of wireless mobile sensor network makes it to be used in vast verities of applications including from home used to the security surveillance.All such types of applications based on wireless mobile sensor network are generally using real time data,most of them are interested in real time communication directly from cluster head of cluster instead of a base station in cluster network.This would be possible if an external user allows to directly access real time data from the cluster head in cluster wireless mobile sensor network instead of accessing data from base station.But this leads to a serious security breach and degrades the performance of any security protocol available in this domain.Most existing schemes for authentication and cluster key management for external users,exchange a number of messages between cluster head and base station to allow external to access real time data from the base station instead of cluster head.This increase communication cost and delay in such real time access information.To handle this critical issue in cluster wireless mobile sensor network,we propose a lightweight authentication and key management scheme using a fuzzy extractor.In this scheme,any external user can access data directly from the cluster head of any cluster without the involvement of the base station.The proposed scheme only uses the one-way hash functions and bitwise XOR operations,apart from the fuzzy extractor method for the user biometric verification at the login phase.The presented scheme supports scalability for an increasing number of nodes using polynomials.The proposed scheme increases the life-time of the network by decreasing the key pool size.

Key Management Protocol of the IEEE 802.16e

IEEE 802.16e, as an amendment and corrigendum to the IEEE 802.16-2004, published on 28 February 2006, and intended to update and expand IEEE 802.16-2004 to allow for mobile subscriber stations. This paper summarizes the key management protocol belonging to security part of the IEEE 802.16e, which includes security negotiation, authorization, key derivation, handshake, and key transportation. While these building blocks are well designed, we point out some unwelcome features for these building blocks. We also give out suggestions to diminish the proposed problems.

A Secure and Efficient Handover Authentication and Key Management Protocol for 5G Networks

As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the handover frequency of fast-moving mobile users,like vehicles.Thus,seamless handover with security provision is highly desirable in 5G networks.The third generation partnership project(3GPP)has been working on standardization of the handover procedure in 5G networks to meet the stringent efficiency and security requirement.However,the existing handover authentication process in 5G networks has securityflaws,i.e.vulnerable to replay and de-synchronization attacks,and cannot provide perfect forward secrecy.In this paper,we propose a secure and efficient handover authentication and key management protocol utilizing the Chinese remainder theory.The proposed scheme preserves the majority part of the original 5G system architecture defined by 3GPP,thus can be easily implemented in practice.Formal security analysis based on BAN-logic shows that the proposed scheme achieves secure mutual authentication and can remedy some security flaws in original 5G handover process.Performance analysis shows that the proposed protocol has lower communication overhead and computation overhead compared with other handover authentication schemes.

Efficient User Authentication and Key Management for Peer-to-Peer Live Streaming Systems

Recent development of the peer-to-peer （P2P） live streaming technique has brought unprecedented new momentum to the Internet with the characters of effective, scalable, and low cost. However, before these applications can be successfully deployed as commercial applications, efficient access control mechanisms are needed. This work based on earlier research of the secure streaming architecture in Trust- Stream, analyzes how to ensure that only authorized users can access the original media in the P2P live streaming system by adopting a user authentication and key management scheme. The major features of this system include （1） the management server issues each authorized user a unique public key certificate, （2） the one-way hash chain extends the certificate＇s lifetime, （3） the original media is encrypted by the session key and delivered to the communication group, and （4） the session key is periodically updated and distributed with the media. Finally, analyses and test results show that scheme provides a secure, scalable, reliable, and efficient access control solution for P2P live streaming systems.

Key Management for Outsourced Data Security

This paper analyzes the efficiency and security of bi- linear-map-based schemes and brings about an AAA based publicly auditable scheme for cloud computing, which is much more efficient. In this scheme, a trust model including four entities is designed to provide both integrity and confidentiality protection. The proposed scheme can be proved to achieve the security goals that no cheating cloud server can pass the auditing without storing users＇ data intact. The efficiency of the proposal is evaluated by analyzing the fulfillment of the design goals, including the computation cost, communication cost and storage cost of our scheme. This light weight publicly auditable Proof-of-storage scheme achieves security goals perfectly, and has an excellent efficiency performance superior to the current bilinear-map-based publicly auditable Proof-of-storage scheme.

Comprehensive evaluation of key management hierarchies for outsourced data

Key management is an essential component of a cryptographic access control system with a large number of resources.It manages the secret keys assigned to the system entities in such a way that only authorized users can access a resource.Read access control allows read access of a resource by the authorized users and disallows others.An important objective of a key management is to reduce the secret key storage with each authorized user.To this end,there exist two prominent types of key management hierarchy with single key storage per user used for read access control in data outsourcing scenario:user-based and resource-based.In this work,we analyze the two types of hierarchy with respect to static hierarchy characteristics and dynamic operations such as adding or revoking user authorization.Our analysis shows that the resource-based hierarchies can be a better candidate which is not given equal emphasis in the literature.A new heuristic for minimizing the key management hierarchy is introduced that makes it practical in use even for a large number of users and resources.The performance evaluation of dynamic operations such as adding or revoking a user’s read subscription is shown experimentally to support our analytical results.

Comprehensive evaluation of key management hierarchies for outsourced data

Key management is an essential component of a cryptographic access control system with a large number of resources.It manages the secret keys assigned to the system entities in such a way that only authorized users can access a resource.Read access control allows read access of a resource by the authorized users and disallows others.An important objective of a key management is to reduce the secret key storage with each authorized user.To this end,there exist two prominent types of key management hierarchy with single key storage per user used for read access control in data outsourcing scenario:user-based and resource-based.In this work,we analyze the two types of hierarchy with respect to static hierarchy characteristics and dynamic operations such as adding or revoking user authorization.Our analysis shows that the resource-based hierarchies can be a better candidate which is not given equal emphasis in the literature.A new heuristic for minimizing the key management hierarchy is introduced that makes it practical in use even for a large number of users and resources.The performance evaluation of dynamic operations such as adding or revoking a user’s read subscription is shown experimentally to support our analytical results.

Triangle-based key management scheme for wireless sensor networks

For security services in wireless sensor networks,key management is a fundamental building block.In this article,we propose a triangle-based key predistribution approach and show that it can improve the effectiveness of key management in wireless sensor networks.This is achieved by using the bivariate polynomial in a triangle deployment system based on deployment information about expected locations of the sensor nodes.The analysis indicates that this scheme can achieve higher probability of both direct key establishment and indirect key establishment.On the other hand,the security analysis shows that its security against node capture would increase with a decrease of the sensor node deployment density and size of the deployment model and an increase of the polynomial degree.

The Mechanism about Key and Credential on Trusted Computing Platform and the Application Study

Trusted Computing technology is quickly developing in recent years. This technology manages to improve the computer security and archive a trusted computing environment. The core of trusted computing technology is cryptology. In this paper, we analyze the key and credential mechanism which is two basic aspects in the cryptology application of trusted computing. We give an example application to illustrate that the TPM enabled key and credential mechanism can improve the security of computer system.

Performance study on Gossip-based group key distribution protocal

Group key distribution is faced with two important problems, i.e. reliability and scalability, to support security multicast for large and dynamic groups. With group member increasing, traditional reliable multicast protocol can not deal with them fully. Gossip-based group key distribution idea for wide-area dissemination was provided. It is based on an gossip-based loss recovery control mechanism. It can provide a probabilistic reliable guarantee for a information dissemination to reach every group member, which can achieve scalability and reliability. To achieve full reliability, three layers protocol model in group key distribution was provided. One is best effect layer, which provides unreliable dissemination. Other is gossip-based loss recovery layer, which provides probabilistic reliable guarantee. Last is vsync-based layer, which provide deterministic loss recovery. We integrate probabilistic loss recovery method with deterministic one. The model possess scalability that probabilistic method has and full reliability prosthesis by vsync-based. To evaluate the effectiveness of gossip technique in scalable and reliable multicast protocols. We have compared gossip protocol with other reliable multicast protocols. Experimental result shows that gossip protocol has better scalability than other.

Distribution of Random Session Key Based on Key-Insulated Public-Key Cryptosystems

Based on the characteristic of key-insulated public-key cryptosystem, wepropose a distributed landora session keys distribution protocol without a key distribution center.The session key is generated by different user and only used one time. So thekey is one-time key. Inaddition, the user who generates the next one-time key, is random selected by the current sessionkey. In the protocol of this paper, the characteristic of time in the key-insulated public-key, adistributed protocol, translates into the characteristic of spaee which every point has differentsecret key in the different period. At the same time, the system is fit for key management in AdHoe, and is a new scheme of key management in Ad Hoc.