A scalable and distributed multicast security protocol using a subgroup-key hierarchy
Source: Computers & Security, vol.23, pp.320-329, 2004
Author: Heba K. Aslan
Speaker: Yu-Wei Su

Outline
• Introduction
• Group Key
• Proposed Protocol
• Conclusions

Introduction
• Unicast to Multicast
• Group communication under security
• Scalable
• Goal

Group Key
• Join & Leave – backward secrecy & forward secrecy
• Three classes of group key approaches

Group Key – Distributed approaches
• Like Conference Key
• Each group member contributes to generate the group key
• Not scalable

Group Key – Centralized approaches
• One central entity maintains the security of the group
• Not scalable
• LKH scheme
[Figure: LKH key tree with central entity C, symmetric keys K1 to K7, and group members U1 to U4]

Centralized approaches – member join
• C and U5 exchange K8
• C generates K1-new, K3-new
• C broadcasts E_K1(K1-new)
• C broadcasts E_K3(K3-new)
• C broadcasts E_K8(K1-new, K3-new)
[Figure: key tree with C, keys K1 to K8, members U1 to U5; K1 and K3 are replaced by K1-new and K3-new]

Centralized approaches – member leave
• Delete K7
• C generates K1-new, K3-new
• C broadcasts E_K6(K1-new, K3-new)
• C broadcasts E_K2(K1-new)
[Figure: key tree with C, keys K1 to K7, members U1 to U4; K1 and K3 are replaced by K1-new and K3-new]

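Added example (not part of the slides or the paper): Python code that derives the rekey broadcasts of the member join and member leave slides from the figure's key tree, and lets you check which party can decrypt which message. Keys are handled as names only, with no real encryption; the parent-map encoding of the tree and all function names are assumptions of this example.

```python
# Added example: plans LKH rekey broadcasts symbolically (key names only, no real crypto).
# Tree and names follow the slides' figure: K1 is the root, U1..U4 hold leaf keys K4..K7.
PARENT = {"K2": "K1", "K3": "K1", "K4": "K2", "K5": "K2", "K6": "K3", "K7": "K3"}
LEAF = {"U1": "K4", "U2": "K5", "U3": "K6", "U4": "K7"}

def held_keys(parent, leaf_key):
    """Keys on the path from a member's leaf up to the root (everything that member knows)."""
    keys = [leaf_key]
    while keys[-1] in parent:
        keys.append(parent[keys[-1]])
    return keys

def new(keys):
    """Names of the replacement keys, sorted as on the slides (K1-new before K3-new)."""
    return sorted(k + "-new" for k in keys)

def plan_leave(parent, leaf, member):
    """Rekey messages (wrapping key, [new keys]) after `member` leaves."""
    leaf_key, *stale = held_keys(parent, leaf[member])   # stale = ancestors, bottom-up
    msgs = []
    for i, node in enumerate(stale):
        for child in sorted(k for k, p in parent.items() if p == node):
            # Skip the deleted leaf and any stale child: the leaver knows both.
            if child != leaf_key and child not in stale:
                msgs.append((child, new(stale[i:])))
    return msgs

def plan_join(parent, attach_to, new_leaf_key):
    """Rekey messages after a member holding `new_leaf_key` joins under `attach_to`."""
    stale = held_keys(parent, attach_to)                 # old keys the newcomer must not learn
    # Existing members unwrap each new key with its old version; top-down as on the slide.
    msgs = [(k, new([k])) for k in reversed(stale)]
    msgs.append((new_leaf_key, new(stale)))              # newcomer gets all new keys at once
    return msgs

def can_read(msgs, known):
    """Messages a party holding the key set `known` is able to decrypt."""
    return [m for m in msgs if m[0] in known]

if __name__ == "__main__":
    for title, msgs in (("U4 leaves", plan_leave(PARENT, LEAF, "U4")),
                        ("U5 joins under K3 with K8", plan_join(PARENT, "K3", "K8"))):
        print(title)
        for wrap, payload in msgs:
            print(f"  C broadcasts E_{wrap}({', '.join(payload)})")
```

Forward secrecy on leave shows up as `can_read` returning an empty list for the key set U4 held; on join, the newcomer can open only the message wrapped under K8.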
Group Key – Distributed Subgroup approaches
• Group Controller (GC) & Subgroup Controller (SC)
• Iolus
• Scalable
[Figure: GC connected to SC1, SC2, SC3, each heading subgroup 1, 2, 3, with keys K1, K2, K3]

Proposed Protocol – concept
[Figure: GC above SC1, SC2, SC3; each SCi is labelled KGC, KSCi and heads subgroup i with members U1 to U4]

Proposed Protocol – Subgroup Hierarchy
KSCi(h,d), where h: height, d: number
Broadcast key: KSCi(0,1)
[Figure: key tree of SCi with KSCi(0,1) at the top, then KSCi(1,1), KSCi(1,2), ..., KSCi(1,d), down to KSCi(h,1) above member U1]

Proposed Protocol – Operations
• Subgroup controller join
• Message broadcast
• Member join
• Member leave

Subgroup controller join
1. GC and SC4 exchange KSC4
2. GC generates a KGC-new
3. Broadcast E_KGC(KGC-new) and E_KSC4(KGC-new)
[Figure: GC with SC1, SC2, SC3 labelled KGC and the joining SC4 labelled KSC4]

Message broadcast
1. GC generates a session key Kmess
2. GC broadcasts E_KGC(Kmess)
3. Every SC decrypts with KGC to recover Kmess, and then broadcasts E_KSCi(0,1)(Kmess)
[Figure: GC labelled KGC above SCi, which holds KSCi(0,1) and heads subgroup i with members U1 to U4]

Member join & leave in a subgroup
• Just like LKH (see slides 7 and 8: Centralized approaches – member join, member leave)

Conclusions
• Achieving Multicast & Unicast
• Scalable