Funding: Sponsored by the National Natural Science Foundation of China (Grant No.60203012) and Shanghai Rising-Star Program in Science and Technology (Grant No.02QD14027).
Abstract: Several multicast key management schemes such as those proposed by Wallner et al. and Wong et al. are based on a multilevel, logical hierarchy (or tree) of key-encrypting keys. When used in conjunction with a reliable multicast infrastructure, this approach results in a highly efficient key update mechanism in which the number of multicast messages transmitted upon a membership update is proportional to the depth of the tree, which is logarithmic to the size of the secure multicast group. But this is based on the hypothesis that the tree is maintained in a balanced manner. This paper proposes a scalable rekeying scheme, the link-tree structure, for implementing secure group communication. Theoretical calculation and experimentation show that this scheme has better performance than the tree structure and the star structure, and at the same time still keeps the link-tree structure balanced.
Abstract: By introducing XOR operation and one-way function chains to group key management schemes based on the keys tree, a new group key management scheme based on the keys tree, XOR operation and one-way function chains is proposed. Initialization, member adding and member evicting operations are introduced. The new scheme is compared with three other group key management schemes which are based on the keys tree: SKDC, LKH, and OFF. As far as transmission, computation and storage costs are concerned, the performance of the new group key management scheme is the best. The security problem of the new scheme is analyzed. This new scheme provides backward and forward security, i.e., newly admitted group members cannot read previous multicast messages and evicted members cannot read future multicast messages, even with collusion by many arbitrarily evicted members.
Funding: Project (61100201) supported by National Natural Science Foundation of China; Project (12ZZ019) supported by Technology Innovation Research Program, Shang Municipal Education Commission, China; Project (LYM11053) supported by the Foundation for Distinguished Young Talents in Higher Education of Guangdong Province, China; Project (NCET-12-0358) supported by New Century Excellent Talents in University, Ministry of Education, China.
Abstract: The key exposure problem is a practical threat for many security applications. In wireless sensor networks (WSNs), keys could be compromised easily due to their limited hardware protections. A secure group key management scheme is responsible for securely distributing group keys among valid nodes of the group. Based on the key-insulated encryption (KIE), we propose a group key management scheme (KIE-GKMS), which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.
Abstract: A new collusion attack on Pour-like schemes is proposed in this paper. Then, we present a collusion-free centralized multicast key management scheme based on characteristic values of members. The re-keying method that other group members calculate new keys when a member is joining or leaving is also designed. It achieves forward secrecy and backward secrecy. Compared with typical existing centralized schemes, the storage of Group Key Controller (GKC) in our scheme halves the storage overhead of others, and communication overhead of GKC is 2 in case of joining re-keying. Especially, the leaving re-keying overhead is and the overall performance is excellent.
Abstract: The recent growth of the World Wide Web has sparked new research into using the Internet for novel types of group communication, like multiparty videoconferencing and real-time streaming. Multicast has the potential to be very useful, but it suffers from many problems like security. To achieve secure multicast communications with the dynamic aspect of group applications due to free membership joins and leaves in addition to members' mobility, key management is one of the most critical problems. So far, a lot of multicast key management schemes have been proposed and most of them are centralized, which have the problem of 'one point failure' and that the group controller is the bottleneck of the group. In order to solve these two problems, we propose a Key Management Scheme, using cluster-based End-System Multicast (ESM). The group management is between both 1) the main controller (MRP, Main Rendezvous Point) and the second controllers (CRP, Cluster RP), and 2) the second controllers (CRPs) and their members. So, ESM simplifies the implementation of group communication and is an efficient way to deliver a secure message to a group of recipients in a network as a practical alternative to overcome the difficulty of large scale deployment of traditional IP multicast. In this paper, we analyze different key management schemes and propose a new scheme, namely Advanced Transition/Cluster Key management Scheme (ATCKS) and find it has appropriate performance in security.
Abstract: As the major problem in multicast security, the group key management has been the focus of research, but few results are satisfactory. In this paper, the problems of group key management and access control for large dynamic multicast groups have been researched and a solution based on SubGroup Secure Controllers (SGSCs) is presented, which solves many problems in IOLUS system and WGL scheme.
Abstract: Wireless sensor networks (WSNs) and wireless mesh networks (WMNs) are popular research subjects. The interconnection of both network types enables next-generation applications and creates new optimization opportunities. Currently, plenty of protocols are available on the security of either wireless sensor networks or wireless mesh networks; an investigation in peer work underpins the fact that neither of these protocols is adapted to the interconnection of these network types. The internal cause relies on the fact that they differ in terms of complexity, scalability and network abstraction level. Therefore, in this article, we propose a unified security framework with three key management protocols, MPKM, MGKM, and TKM, which are able to provide basic functionalities on the simplest devices and advanced functionalities on high performance nodes. We perform a detailed performance evaluation on our protocols against some important metrics such as scalability, key connectivity and compromise resilience, and we also compare our solution to the current keying protocols for WSNs and WMNs.
Abstract: Group key distribution is faced with two important problems, i.e. reliability and scalability, to support security multicast for large and dynamic groups. With group member increasing, traditional reliable multicast protocol cannot deal with them fully. Gossip-based group key distribution idea for wide-area dissemination was provided. It is based on a gossip-based loss recovery control mechanism. It can provide a probabilistic reliable guarantee for an information dissemination to reach every group member, which can achieve scalability and reliability. To achieve full reliability, three layers protocol model in group key distribution was provided. One is best effect layer, which provides unreliable dissemination. Other is gossip-based loss recovery layer, which provides probabilistic reliable guarantee. Last is vsync-based layer, which provides deterministic loss recovery. We integrate probabilistic loss recovery method with deterministic one. The model possesses scalability that probabilistic method has and full reliability prosthesis by vsync-based. To evaluate the effectiveness of gossip technique in scalable and reliable multicast protocols, we have compared gossip protocol with other reliable multicast protocols. Experimental result shows that gossip protocol has better scalability than other.
Funding: Supported by the National Natural Science Foundation of China (90304007), the National Basic Research Program of China (973 Program 2004CB318004)
Abstract: We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e.g., pay-TV, teleconferencing, software updates. Compared with the previous published schemes, our scheme provides group member authentication without introducing additional mechanism. Further, we give the security proof of our scheme under the random oracle model.
Funding: Supported by National Basic Research and Development Program of China (2007CB307102)
Abstract: Time efficiency of key establishment and update is one of the major problems contributory key managements strive to address. To achieve better time efficiency in key establishment, we propose a Location-based Huffman (L-Huffman) scheme. First, users are separated into several small groups to minimize communication cost when they are distributed over large networks. Second, both user's computation difference and message transmission delay are taken into consideration when Huffman coding is employed to form the optimal key tree. Third, the combined weights in Huffman tree are located in a higher place of the key tree to reduce the variance of the average key generation time and minimize the longest key generation time. Simulations demonstrate that L-Huffman has much better performance in wide area networks and is a little better in local area network than Huffman scheme.