A Secure Key Management Scheme for Heterogeneous Secure Vehicular Communication Systems

Intelligent transportation system （ITS） is proposed as the most effective way to improve road safety and traffic efficiency. However, the future of ITS for large scale transportation infrastructures deployment highly depends on the security level of vehicular communication systems （VCS）. Security applications in VCS are fulfilled through secured group broadcast. Therefore, secure key management schemes are considered as a critical research topic for network security. In this paper, we propose a framework for providing secure key management within heterogeneous network. The seeurity managers （SMs） play a key role in the framework by retrieving the vehicle departnre infi^rmation, encapsulating block to transport keys and then executing rekeying to vehicles within the same security domain. The first part of this framework is a novel Group Key Management （GKM） scheme basing on leaving probability （LP） of vehicles to depart current VCS region. Vehicle＇s LP factor is introduced into GKM scheme to achieve a more effieient rekeying scheme and less rekeying costs. The second component of the framework using the blockchain concept to simplify the distributed key management in heterogeneous VCS domains. Extensive simulations and analysis are provided to show the effectiveness and effieiency of the proposed framework： Our GKM results demonstrate that probability-based BR reduees rekeying eost compared to the benchmark scheme, while the blockchain deereases the time eost of key transmission over heterogeneous net-works.

Self-Organized Public-Key Management for Mobile Ad Hoc Networks Based on a Bidirectional Trust Model

In traditional networks , the authentication is performed by certificate authoritys（CA）,which can＇t be built in distributed mobile Ad Hoc Networks however. In this pa per, we propose a fully self-organized public key management based on bidirectional trust model without any centralized authority that allows users to generate their public-private key pairs, to issue certificates, and the trust relation spreads rationally according to the truly human relations. In contrast with the traditional self-organized public-key management, the average certificates paths get more short, the authentication passing rate gets more high and the most important is that the bidirectional trust based model satisfys the trust re quirement of hosts better.

Key Management Using Chebyshev Polynomials for Mobile Ad Hoc Networks

A dedicated key server cannot be instituted to manage keys for MANETs since they are dynamic and unstable. The Lagrange's polynomial and curve fitting are being used to implement hierarchical key management for Mobile Ad hoc Networks(MANETs). The polynomial interpolation by Lagrange and curve fitting requires high computational efforts for higher order polynomials and moreover they are susceptible to Runge's phenomenon. The Chebyshev polynomials are secure, accurate, and stable and there is no limit to the degree of the polynomials. The distributed key management is a big challenge in these time varying networks. In this work, the Chebyshev polynomials are used to perform key management and tested in various conditions. The secret key shares generation, symmetric key construction and key distribution by using Chebyshev polynomials are the main elements of this projected work. The significance property of Chebyshev polynomials is its recursive nature. The mobile nodes usually have less computational power and less memory, the key management by using Chebyshev polynomials reduces the burden of mobile nodes to implement the overall system.

Complex Threshold Key Management for Ad Hoc Network

A complex threshold key management framework has been proposed, which canaddress the challenges posed by the unique nature of Ad hoc network. Depending on the cooperation ofthe controller and participation nodes, this scheme should be efficient in the operationenvironmental alteration and toleianl faults of node, which take the advantages of the benefits ofboth key management approaches and alleviate their limitations. For the cooperation of thecontroller and participation nodes, a (t, n) threshold Elliptic curve sign-encryption scheme withthe specified receiver also has been proposed. Using this threshold sign-encryption scheme, the keymanagement distributes the trust between a controller and a set of participation nodes.

Review of Key Management Mechanisms in Wireless Sensor Networks

Recent advancements in wireless communication and microchip techniques have accelerated the development of wireless sensor networks (WSN). Key management in WSN is a critical and challenging problem because of the inner characteristics of sensor networks: deployed in hostile environments, limited resource and ad hoc nature. This paper investigates the constraints and special requirements of key management in sensor network environment, and some basic evaluation metrics are introduced. The key pre-distribution scheme is thought as the most suitable solution for key management problem in wireless sensor networks. It can be classified into four classes: pure probabilistic key pre-distribution, polynomial-based, Blom's matrix-based, and deterministic key pre-distribution schemes. In each class of methods, the related research papers are discussed based on the basic evaluation metrics. Finally, the possible research directions in key management are discussed.

A MULTICAST KEY MANAGEMENT SCHEME BASED ON CHARACTERISTIC VALUES OF MEMBERS

A new collusion attack on Pour-like schemes is proposed in this paper. Then, we present a collusion-free centralized multicast key management scheme based on characteristic values of members. The re-keying method that other group members calculate new keys when a member is joining or leaving is also designed. It achieves forward secrecy and backward secrecy. Compared with typical existing centralized schemes, the storage of Group Key Controller (GKC) in our scheme halves the storage overhead of others, and communication overhead of GKC is 2 in case of joining re-keying. Especially, the leaving re-keying overhead is and the overall performance is excellent.

θ-improved limited tolerance relation model of incomplete information system for evaluation of water conservancy project management modernization

The modernization of water conservancy project management is a complicated engineering system involving a management system, a management method, management personnel, the exertion of social, economic, and ecological effects, and so on. However, indices for evaluating the modernization of water conservancy project management are usually unobtainable in practical applications. Conducting appropriate extension of the classical rough set theory and then applying it to an incomplete information system are the key to the application of the rough set theory Based on analysis of some extended rough set models in incomplete information systems, a rough set model based on the θ-improved limited tolerance relation is put forward. At the same time, upper approximation and lower approximation are defined under this improved relation. According to the evaluation index system and management practices, the threshold for θ is defined. An example study indicates the practicability and maneuverability of the model.

A Key Management Scheme Using(p,q)-Lucas Polynomials in Wireless Sensor Network

Wireless Sensor Network(WSN)has witnessed an unpredictable growth for the last few decades.It has many applications in various critical sectors such as real-time monitoring of nuclear power plant,disaster management,environment,military area etc.However,due to the distributed and remote deployment of sensor nodes in such networks,they are highly vulnerable to different security threats.The sensor network always needs a proficient key management scheme to secure data because of resourceconstrained nodes.Existing polynomial based key management schemes are simple,but the computational complexity is a big issue.Lucas polynomials,Fibonacci polynomials,Chebychev polynomials are used in Engineering,Physics,Combinatory and Numerical analysis etc.In this paper,we propose a key management scheme using(p,q)-Lucas polynomial to improve the security of WSN.In(p,q)-Lucas polynomial,p represents a random base number while q represents a substitute value of x in the polynomial.The value of p is unique,and q is different according to communication between nodes.Analysis of the proposed method on several parameters such as computational overhead,efficiency and storage cost have been performed and compared with existing related schemes.The analysis demonstrates that the proposed(p,q)-Lucas polynomial based key management scheme outperforms over other polynomials in terms of the number of keys used and efficiency.

Distribution of Random Session Key Based on Key-Insulated Public-Key Cryptosystems

Based on the characteristic of key-insulated public-key cryptosystem, wepropose a distributed landora session keys distribution protocol without a key distribution center.The session key is generated by different user and only used one time. So thekey is one-time key. Inaddition, the user who generates the next one-time key, is random selected by the current sessionkey. In the protocol of this paper, the characteristic of time in the key-insulated public-key, adistributed protocol, translates into the characteristic of spaee which every point has differentsecret key in the different period. At the same time, the system is fit for key management in AdHoe, and is a new scheme of key management in Ad Hoc.

Lightweight Key Management Scheme Using Fuzzy Extractor for Wireless Mobile Sensor Network

The mature design of wireless mobile sensor network makes it to be used in vast verities of applications including from home used to the security surveillance.All such types of applications based on wireless mobile sensor network are generally using real time data,most of them are interested in real time communication directly from cluster head of cluster instead of a base station in cluster network.This would be possible if an external user allows to directly access real time data from the cluster head in cluster wireless mobile sensor network instead of accessing data from base station.But this leads to a serious security breach and degrades the performance of any security protocol available in this domain.Most existing schemes for authentication and cluster key management for external users,exchange a number of messages between cluster head and base station to allow external to access real time data from the base station instead of cluster head.This increase communication cost and delay in such real time access information.To handle this critical issue in cluster wireless mobile sensor network,we propose a lightweight authentication and key management scheme using a fuzzy extractor.In this scheme,any external user can access data directly from the cluster head of any cluster without the involvement of the base station.The proposed scheme only uses the one-way hash functions and bitwise XOR operations,apart from the fuzzy extractor method for the user biometric verification at the login phase.The presented scheme supports scalability for an increasing number of nodes using polynomials.The proposed scheme increases the life-time of the network by decreasing the key pool size.

An Efficient Key Management Protocol for Wireless Sensor Networks

Key management is a fundamental security service in wireless sensor networks. The communication security problems for these networks are exacerbated by the limited power and energy of the sensor devices. In this paper, we describe the design and implementation of an efficient key management scheme based on low energy adaptive clustering hierarchy（LEACH） for wireless sensor networks. The design of the protocol is motivated by the observation that many sensor nodes in the network play different roles. The paper presents different keys are set to the sensors for meeting different transmitting messages and variable security requirements. Simulation results show that our key management protocol based-on LEACH can achieve better performance. The energy consumption overhead introduced is remarkably low compared with the original Kerberos schemes.

Key Management Protocol of the IEEE 802.16e

IEEE 802.16e, as an amendment and corrigendum to the IEEE 802.16-2004, published on 28 February 2006, and intended to update and expand IEEE 802.16-2004 to allow for mobile subscriber stations. This paper summarizes the key management protocol belonging to security part of the IEEE 802.16e, which includes security negotiation, authorization, key derivation, handshake, and key transportation. While these building blocks are well designed, we point out some unwelcome features for these building blocks. We also give out suggestions to diminish the proposed problems.

The Mechanism about Key and Credential on Trusted Computing Platform and the Application Study

Trusted Computing technology is quickly developing in recent years. This technology manages to improve the computer security and archive a trusted computing environment. The core of trusted computing technology is cryptology. In this paper, we analyze the key and credential mechanism which is two basic aspects in the cryptology application of trusted computing. We give an example application to illustrate that the TPM enabled key and credential mechanism can improve the security of computer system.

Blockchain-Based Key Management Scheme Using Rational Secret Sharing

Traditional blockchain key management schemes store private keys in the same location,which can easily lead to security issues such as a single point of failure.Therefore,decentralized threshold key management schemes have become a research focus for blockchain private key protection.The security of private keys for blockchain user wallet is highly related to user identity authentication and digital asset security.The threshold blockchain private key management schemes based on verifiable secret sharing have made some progress,but these schemes do not consider participants’self-interested behavior,and require trusted nodes to keep private key fragments,resulting in a narrow application scope and low deployment efficiency,which cannot meet the needs of personal wallet private key escrow and recovery in public blockchains.We design a private key management scheme based on rational secret sharing that considers the self-interest of participants in secret sharing protocols,and constrains the behavior of rational participants through reasonable mechanism design,making it more suitable in distributed scenarios such as the public blockchain.The proposed scheme achieves the escrow and recovery of personal wallet private keys without the participation of trusted nodes,and simulate its implementation on smart contracts.Compared to other existing threshold wallet solutions and keymanagement schemes based on password-protected secret sharing(PPSS),the proposed scheme has a wide range of applications,verifiable private key recovery,low communication overhead,higher computational efficiency when users perform one-time multi-key escrow,no need for trusted nodes,and personal rational constraints and anti-collusion attack capabilities.

Performance study on Gossip-based group key distribution protocal

Group key distribution is faced with two important problems, i.e. reliability and scalability, to support security multicast for large and dynamic groups. With group member increasing, traditional reliable multicast protocol can not deal with them fully. Gossip-based group key distribution idea for wide-area dissemination was provided. It is based on an gossip-based loss recovery control mechanism. It can provide a probabilistic reliable guarantee for a information dissemination to reach every group member, which can achieve scalability and reliability. To achieve full reliability, three layers protocol model in group key distribution was provided. One is best effect layer, which provides unreliable dissemination. Other is gossip-based loss recovery layer, which provides probabilistic reliable guarantee. Last is vsync-based layer, which provide deterministic loss recovery. We integrate probabilistic loss recovery method with deterministic one. The model possess scalability that probabilistic method has and full reliability prosthesis by vsync-based. To evaluate the effectiveness of gossip technique in scalable and reliable multicast protocols. We have compared gossip protocol with other reliable multicast protocols. Experimental result shows that gossip protocol has better scalability than other.

A Complex Encryption System Design Implemented by AES

With the rapid development of internet technology and the increasing popularity of e-commerce, data encryption technology plays a very important role in data security. Information security has two aspects: security protocol and cryptographic algorithm and the latter is the foundation and core technology of information security. Advanced Encryption Standard (AES) encryption algorithm is one of the most commonly used algorithms in symmetric encryption algorithms. Such algorithms face issues when used in the context of key management and security functions. This paper focuses on the systematic analysis of these issues and summarizes AES algorithm implementation, comprehensive application and algorithm comparison with other existing methods. To analyze the performance of the proposed algorithm and to make full use of the advantages of AES encryption algorithm, one needs to reduce round key and improve the key schedule, as well as organically integrate with RSA algorithm. Java language is used to implement the algorithm due to its large library, then to show the efficiency of the proposed method we compare different parameters, such as encryption/decryption speed, entropies and memory consumption...) with a classic algorithm. Based on the results of the comparison between AES and the hybrid AES algorithm, the proposed algorithm shows good performance and high security. It therefore can be used for key management and security functions, particularly for sharing sensitive files through insecure channel. This analysis provides a reference useful for selecting different encryption algorithms according to different business needs.

Hybrid Authentication Using Node Trustworthy to Detect Vulnerable Nodes

An ad-hoc sensor network(ASN)is a group of sensing nodes that transmit data over a wireless link to a target node,direct or indirect,through a series of nodes.ASN becomes a high-risk group for several security exploits due to the sensor node’s limited resources.Internal threats are more challenging to protect against than external attacks.The nodes are grouped,and calculate each node’s trust level.The trust level is the result of combining internal and external trust degrees.Cluster heads(CH)are chosen based on the anticipated trust levels.The communications are then digitally signed by the source,encoded using a key pair given by a trustworthy CH,decoded by the recipient,and supervised by verifications.It authenticates the technique by identifying the presence of both the transmitter and the recipient.Our approach looks for a trustworthy neighboring node that meets the trust threshold condition to authenticate the key produced.The companion node reaffirms the node’s reliability by getting the public-key certification.The seeking sensor node and the certification issuer node must have a close and trusting relationship.The results of the proposed hybrid authentication using a node trustworthy(HANT)system are modeled and tested,and the suggested approach outperforms conventional trust-based approaches in throughput,latency,lifetime,and vulnerability methods.

Smart Grid Communication Under Elliptic Curve Cryptography

Smart Grids(SGs)are introduced as a solution for standard power dis-tribution.The significant capabilities of smart grids help to monitor consumer behaviors and power systems.However,the delay-sensitive network faces numer-ous challenges in which security and privacy gain more attention.Threats to trans-mitted messages,control over smart grid information and user privacy are the major concerns in smart grid security.Providing secure communication between the service provider and the user is the only possible solution for these security issues.So,this research work presents an efficient mutual authentication and key agreement protocol for smart grid communication using elliptic curve crypto-graphy which is robust against security threats.A trust authority module is intro-duced in the security model apart from the user and service provider for authentication.The proposed approach performance is verified based on different security features,communication costs,and computation costs.The comparative analysis of experimental results demonstrates that the proposed authentication model attains better performance than existing state of art of techniques.

Efficient User Authentication and Key Management for Peer-to-Peer Live Streaming Systems

Recent development of the peer-to-peer （P2P） live streaming technique has brought unprecedented new momentum to the Internet with the characters of effective, scalable, and low cost. However, before these applications can be successfully deployed as commercial applications, efficient access control mechanisms are needed. This work based on earlier research of the secure streaming architecture in Trust- Stream, analyzes how to ensure that only authorized users can access the original media in the P2P live streaming system by adopting a user authentication and key management scheme. The major features of this system include （1） the management server issues each authorized user a unique public key certificate, （2） the one-way hash chain extends the certificate＇s lifetime, （3） the original media is encrypted by the session key and delivered to the communication group, and （4） the session key is periodically updated and distributed with the media. Finally, analyses and test results show that scheme provides a secure, scalable, reliable, and efficient access control solution for P2P live streaming systems.

针对动态群组及应用的扩展非对称群密钥协商协议(英文)

Group Key Agreement(GKA)is a cryptographic primitive allowing two or more entities to negotiate a shared session key over public networks.In existing GKA models,it is an open problem to construct a one-round multi-party GKA protocol.Wu et al.recently proposed the concept of asymmetric group key agreement(ASGKA)and realized a one-round ASGKA protocol,which affirmatively answers the above open problem in a relaxed way.However,the ASGKA protocol only applies to static groups.To fill this gap,this paper proposes an extended ASGKA protocol based on the Wu et al.protocol.The extension allows any member to join and leave at any point,provided that the resulting group size is not greater than n.To validate the proposal,extensive experiments are performed and the experimental results show that our protocol is more effective than a plain realization of the Wu et al.protocol for dynamic groups.The extended protocol is also more efficient than the up-to-date dynamic GKA protocol in terms of communication and computation.