Network Security in Ring Multicast

Presentation Transcript

[Poster diagrams: ring networks of stations annotated with partial keys (e.g. D’, CD’, BCD’, ABCD’) and keyed packets (e.g. K [F; 0; from d; T1], Ko [F; 0; new; B’CD], T = TA TB TC TD). Legend labels: Station, Refreshing member, Packet data, Alternating bit, Transformation, Old key, New key, New key specified, New subkeys, Group 1. Panel titles: New word Policy in Ring Multicast; Member Addition Protocol; Member Exclusion Protocol.]

Diffie-Hellman Algorithm

  • A and B agree on a prime q and a number g with 1 < g < q.

  • A and B choose private keys, S_A and S_B.

  • A and B compute public keys, K_A = g^(S_A) mod q and K_B = g^(S_B) mod q.

  • For A, K = (K_B)^(S_A) mod q = g^(S_A S_B) mod q.

  • For B, K = (K_A)^(S_B) mod q = g^(S_A S_B) mod q.

Secure Acknowledging Multicast (SAM)

[Diagram residue: partial-key labels (e.g. F, EF, D’EF, CD’EF, BCD’EF) and station numbers; panel title: Notations.]

  • e joins the multicast ring;

  • d updates D to D’;

  • New key will be ABCD’E.

  • d leaves the multicast ring;

  • c updates C to C’;

  • New key will be ABC’.
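The Diffie-Hellman steps and the member addition and exclusion bullets above, worked as an added Python example that is not part of the original poster. It goes beyond the two-party case and assumes a group key written ABCD means g^(ABCD) mod q, with labels such as BCD being the partial value a member receives before applying its own secret; q = 2^127 - 1, g = 3 and all function names are constructed for the demo.

```python
import secrets

# Constructed demo parameters (not from the poster): q is the Mersenne prime
# 2**127 - 1 and g = 3. Far too small for real use; use a standardised group.
Q = 2**127 - 1
G = 3

def new_secret(q=Q):
    """Private exponent S chosen uniformly from [2, q-2]."""
    return secrets.randbelow(q - 3) + 2

def public_key(secret, g=G, q=Q):
    """K_A = g^(S_A) mod q."""
    return pow(g, secret, q)

def shared_key(peer_value, secret, q=Q):
    """K = (peer value)^S mod q, rejecting the degenerate values 0, 1 and q-1."""
    if not 1 < peer_value < q - 1:
        raise ValueError("peer value outside (1, q-1)")
    return pow(peer_value, secret, q)

def partial_key(secrets_by_member, skip, g=G, q=Q):
    """g raised to every member's secret except skip's (assumed meaning of BCD for a)."""
    value = g
    for name, s in secrets_by_member.items():
        if name != skip:
            value = pow(value, s, q)
    return value

def member_keys(secrets_by_member):
    """Key each member derives from the partial it receives and its own secret."""
    return {name: shared_key(partial_key(secrets_by_member, name), s)
            for name, s in secrets_by_member.items()}

def demo():
    ring = {m: new_secret() for m in "abcd"}
    old = member_keys(ring)                              # group key ABCD
    joined = dict(ring, d=new_secret(), e=new_secret())  # e joins, d: D -> D'
    added = member_keys(joined)                          # group key ABCD'E
    remaining = {m: ring[m] for m in "abc"}              # d leaves
    remaining["c"] = new_secret()                        # c: C -> C'
    excluded = member_keys(remaining)                    # group key ABC'
    return old, added, excluded
```

Under this model the joining member e only ever receives the partial ABCD’, and the departed member d never learns C’, so neither can derive a key from a period in which it was not a member.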


  • Station 1 is source;

  • N1 is new message; M0 is prior packet;

  • X means transmission error;

  • DC means “Don’t Care”;

  • Station 1 resends N1 when it sees M0.


  • a is source;

  • b, c, d are receivers;

  • Group key is ABCD;

  • An asterisk denotes that the receiver now has the common secret key.


Initial Key Establishment (IKE)


Mass Join Protocol

Subgroup Exclusion Protocol

Group Division Protocol

Subgroup Exclusion

IKE

  • e, f join the group;

  • Chain e & f in sequence;

  • d updates D to D’;

  • New key is ABCD’EF.

  • b, e leave the group;

  • d updates D to D’’;

  • New key is ACD’’F.

  • Run the subgroup exclusion protocol to form Group 1;

  • Run IKE to form Group 2.

[Diagram: Group 2, stations d, e and f with partial keys D’’, D’’F’’, F’’, E’’F’’, E’’, D’’E’’.]

Key Refresh with Transformations

Key Refresh with New word Policy

Key Refresh with Transformation

Conclusions

Key format

Thank you for stopping by !

Key format

  • The SAM scheme achieves secure and efficient key agreement in dynamic ring multicast networks, for operations such as initial key establishment, member addition, member exclusion, mass join, subgroup exclusion and group division.

  • SAM provides both simple acknowledgement with new-word policy and simple key refresh via transformations.

  • Key refresh does not interrupt the data exchange and acknowledgement.

  • d initiates the key refresh;

  • Each member contributes its own transformation;

  • F, G & H are packet data;

  • Key refresh doesn’t interrupt data flow.

Any Questions ??

Contact us via email: John J. Metzner metzner@cse.psu.edu

Yuexin Liu yxl185@psu.edu

  • d refreshes the key;

  • F & G are packet data;

  • New key is T1K;

  • Key refresh doesn’t interrupt data flow.

  • b refreshes the key;

  • F & G are packet data;

  • Key refresh doesn’t interrupt data flow.

Network Security in Ring Multicast

John J. Metzner, Yuexin Liu

Dept. of Computer Science and Engineering, The Pennsylvania State University

Multicast Network

Advantages:

  • Low network transmission overheads

  • High user scalability

Applications:

  • Stock quote services

  • Internet radio

  • Video conferencing

  • Pay-per-view TV

Concerns:

  • Backward/forward secrecy

  • Data confidentiality

  • Membership changes (dynamic groups)

  • Efficient key management scheme (key agreement, key refresh etc.)

