Network Security in Ring Multicast

1. Refreshing member Station A e * f K [F; 0; from d; T1] TK T1K K K AB K [G;1;from d; TB,TC] N1 N1 1 T=TATBTCTD D’’F, CD’’F * Ko [F;0;new;B’CD] D’’, CD’’, ACD’’ * * a d e a d a K [F;0;from d;TD] Packet data Alternating bit Transformation ABC a d N1 2 N1 * * K [H;0;from d;TC] * * X * EA, D’EA, CD’EA D’, CD’, BCD’, ABCD’ E, D’E, CD’E, BCD’E ABCD KN [G;1;-;-] K [G;1;from d; TD,TA] C’, BC’ * Group 1: e f d a AC’ M0 3 N1 K [F;0;from d;T1] Ko KN EABC * * d a Ko [F;0;new;B’C,AB’C] DC K [G;1;from d; TC,TA,TB] M0 N1 4 * * AD”F c b K [G;1;from d;T1] * c Old key New word Policy in Ring Multicast b New key DC * New key specified c b c b * Member Addition Protocol Member Exclusion Protocol 5 M0 Ko [F;0;new;B’,AB’,AB’D] * K [G;1;from d; TD,TA,TB] Ko [F; 0; new; B’C,AB’C] EAB, D’EAB T1K [G;1;-;-] c * * b * E,D’E, CD’E BCD’E, ABCD’E Diffie - Hellman Algorithm * TK [H;0;-;-] c b D, CD, BCD Packet data Alternating bit New subkeys K [G;1;from d;T1] * * d d e e * a a * f f • A and B agree on a prime q and a number 1 <g <q. • A and B choose private keys, SA and SB. • A and B compute public keys, KA = gSAmod q • KB = gSA mod q • For A, K = (KB)SA mod p = gSASB mod q • For B, K = (KA)SB mod p = gSASB mod q Secure Acknowledging Multicast (SAM) * * F,EF,D’EF, CD’EF BCD’EF, D’, CD’, BCD’, ABCD’ C’, BC’ AD,ACD A AC’ Notations: ABCD’F C, BC, ABC 7 4 5 1 1 2 6 1 3 1 2 5 3 2 2 4 2 4 1 3 3 3 2 6 4 1 7 2 3 1 3 2 4 6 5 2 2 1 3 1 1 5 • e joins the multicast ring; • d updates D to D’; • New key will be ABCD’E. • d leaves the multicast ring; • c updates C to C’; • New key will be ABC’. * * * • Station 1 is source; • N1 is new message; M0 is prior packet; • X means transmission error; • DC means “Don’t Care”; • 1 resent N1 when seeing M0. * d c c d a a b b X * B, AB AF,AEF, AD’EF, ACD’EF ABD * • a is source; • b, c, d are receivers; • Group key is ABCD; • Asterisk denotes receiver now • has common secret key. ABCF, ABCEF Initial Key Establishment (IKE) * c c b b ABF,ABEF, ABD’EF * Mass Join Protocol Subgroup Exclusion Protocol Group Division Protocol Subgroup Exclusion IKE • e, f join the group; • Chain e & f in sequence; • d updates D to D’; • New key is ABCD’EF. • b, e leave the group; • d updates D to D’’; • New key is ACD’’F. • Run the subgroup exclusion protocol to form Group 1; • Run IKE to form Group 2. Group 2: * d D’’F’’ D’’ F’’, E”F’’ * f e E’’, D’’E’’ * Key Refresh with Transformations Key Refresh with New word Policy Key Refresh with Transformation Conclusions Key format Thank you for stopping by ! Key format • SAM scheme achieves secure and efficient key agreement in the context of dynamic ring multicast network, such as initial key establishment, member addition, member exclusion, mass join, subgroup exclusion and group division etc. • SAM provides both simple acknowledgement with new-word policy and simple key refresh via transformations. • Key refresh does not interrupt the data exchange and acknowledgement. • d initiates the key refresh; • Each member contributes its • own transformation; • F, G & H are packet data; • Key refresh doesn’t interrupt • data flow. Any Questions ?? Contact us via email: John J. Metzner metzner@cse.psu.edu Yuexin Liu yxl185@psu.edu • d refreshes the key; • F & G are packet data; • New key is T1K; • Key refresh doesn’t interrupt • data flow. • b refreshes the key; • F & G are packet data; • Key refresh doesn’t interrupt • data flow. Network Security in Ring Multicast John J. Metzner, Yuexin Liu Dept. of Computer Science and Engineering, The Pennsylvania State University Multicast Network Advantages: Low network transmission overheads High user scalability Applications: Stock quote services, Internet radio, Video conferencing, Pay per view TV Concerns: Backward/Forward secrecy Data confidentiality Membership changes (Dynamic Groups) Efficient key management scheme (Key Agreement, Key Refresh etc.)