Key Management For Secure Communication


Key Management For Secure Communication. Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison. Overview. Background Information IP Multicast Assumptions Requirements Rekeying Methods Centralized Group Key Management Protocols Decentralized Architectures

    Presentation Transcript
    1. Key Management For Secure Communication Presentation By: Garrett Lund Paper By: Sandro Rafaeli and David Hutchison

    2. Overview • Background Information • IP Multicast • Assumptions • Requirements • Rekeying Methods • Centralized Group Key Management Protocols • Decentralized Architectures • Distributed • Ethics • Sources

    3. IP Multicast • Between Unicast and Broadcast • Network Switches and Routers are responsible for replication and distribution

    4. IP Multicast Applications

    5. IP Multicast Applications

    6. Encryption Review • Obviously some of these applications require limited access. • No public key, but a “group key”

    7. Assumptions • When a user joins, we have a way to get them their first key • When a user leaves there is a possibility of them continuing to acquire messages • Every user eventually gets the intended messages

    8. Membership Changes • Groups need to be dynamic, allowing (authorized) members to join the group and allowing administrators to expel members from the group • Backwards Secrecy • Forward Secrecy

    9. Rekeying • We need a way to get new keys to the users • Since multicast is being used for group transmission, it is assumed that multicast should be used for rekeying the group • Three Approaches • Centralized • Decentralized • Distributed

    10. Rekeying Requirements • Storage Requirements • Size of Rekey Messages • Backwards Secrecy • Forwards Secrecy • Collusion

    11. Overview • Background Information • IP Multicast • Assumptions • Requirements • Rekeying Methods • Centralized Group Key Management Protocols • Decentralized Architectures • Distributed • Ethics • Sources

    12. Centralized Approaches • We have a Key Distribution Center (KDC) • KDC is in charge of managing all of the group’s keys

    13. Simple • Assign a secret key to each member • Use a group key to send group messages • Each member can recover the group key from the appropriate segment of the rekey message using its secret key

    14. Simple Example • [Figure] Labels: Secret Key; Rekey Message (DSFDBSAF, SDFREGEF, DSFAGFAS, FD@#DSG, FDGFDPG, GFDSFDH, JHFTY546, GFD5FGS&, GF5REYHH, …); User F; Group Key GFDSFDH

    15. Simple Example • [Figure] Labels: Secret Key; User F; DFDS#@FDSA; Group Key; Secret Message

    16. Simple Problems • 1. The KDC has to encrypt the new key n times • 2. The message could potentially be huge • If n = 1 million and K is 56 bits • The message would be 10 MB long • 3. You have to develop a protocol so that each user knows which part of the message is appropriate for them to decrypt with their secret key

    17. Group Key Management Protocol (GKMP) • Have 2 group keys and no secret key • One Group Transmission Encryption Key (GTEK) • One Group Key Encryption Key (GKEK) • GKEK used to encrypt the GTEK when it changes • Since the GKEK never changes, the system lacks forward secrecy: you cannot kick a member out, because they will always know the GKEK

    18. Logical Key Hierarchy (LKH) • Use a balanced Binary Tree to store keys hierarchically

    19. LKH Example • Key tree: k at the root; k14 and k58 below it; then k12, k34, k56, k78 • Rekey Message: DSFDBSAF …, SDFREGEF …, DSFAGFAS …, FD@#DSG …, FDGFDPG …, GFDSFDH …, JHFTY546 • Keys shown for user u3: k3, k34, k14, k • We want k34: use k3 on the 5th line, we get k34 • We want k14: use k34 on the 2nd line, we get k14 • We want k: use k14 on the first line, we get k

    20. Logical Key Hierarchy (LKH)
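
The LKH walk-through on slide 19, as an added example (not code from the presentation or the paper): a KDC rekeys an 8-member tree, assuming u4 is the member who left, and u3 recovers k34, k14 and k in turn while u4 cannot. The heap node numbering, the function names and the XOR/HMAC `wrap` (a toy stand-in for a real cipher) are assumptions of this sketch.

```python
import hashlib, hmac, secrets

def wrap(kek, key, nonce):
    # Toy key wrap (XOR with an HMAC-SHA256 pad) standing in for a real cipher.
    pad = hmac.new(kek, nonce, hashlib.sha256).digest()[:len(key)]
    return bytes(a ^ b for a, b in zip(key, pad))

class KDC:
    """Heap-numbered key tree: node 1 = k, 2-3 = k14/k58, 4-7 = k12..k78, 8-15 = k1..k8."""
    def __init__(self, n):
        self.n, self.epoch = n, 0
        self.keys = {i: secrets.token_bytes(16) for i in range(1, 2 * n)}

    def path(self, member):
        # Leaf-to-root node numbers for member u<member> (1-based).
        node, out = self.n + member - 1, []
        while node >= 1:
            out.append(node)
            node //= 2
        return out

    def member_keys(self, member):
        return {node: self.keys[node] for node in self.path(member)}

    def leave(self, member):
        # Replace every key the leaver held, bottom-up, wrapping each new key
        # under both child keys (the leaver's own leaf key is never used).
        self.epoch += 1
        leaf, *ancestors = self.path(member)
        msg = []
        for node in ancestors:
            self.keys[node] = secrets.token_bytes(16)
            for child in (2 * node, 2 * node + 1):
                if child != leaf:
                    nonce = f"{self.epoch}:{node}:{child}".encode()
                    msg.append((node, child, wrap(self.keys[child], self.keys[node], nonce)))
        return msg

def process(held, msg, epoch):
    # Member side: unwrap each entry whose wrapping key is held; the message is
    # ordered bottom-up, so a freshly recovered key unlocks the next level.
    held = dict(held)
    for node, child, ct in msg:
        if child in held:
            held[node] = wrap(held[child], ct, f"{epoch}:{node}:{child}".encode())
    return held

def demo(n=8, leaver=4, stayer=3):
    # Returns (KDC's new k, k as seen by the stayer, k as seen by the leaver, rekey entries).
    kdc = KDC(n)
    before = {m: kdc.member_keys(m) for m in (leaver, stayer)}
    msg = kdc.leave(leaver)
    after = {m: process(before[m], msg, kdc.epoch) for m in before}
    return kdc.keys[1], after[stayer][1], after[leaver][1], len(msg)
```

For 8 members the rekey message carries 5 wrapped keys; with n = 1024 it carries 19, where the simple scheme on slide 16 has the KDC encrypt the new key once per member.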

    21. Other Centralized Approaches • One-Way Function Trees (OFT) • One-Way Function Chain Trees (OFCT) • Clustering • Centralized Flat Table (FT) • Efficient Large-Group Key (ELK)

    22. Centralized Approach Summary

    23. Decentralized Approaches • Split the group into subgroups

    24. Decentralized Approaches

    25. Distributed Models • Two methods • Every member contributes • Pick a member at random

    26. Distributed Example LKH

    27. Distributed Summary

    28. Ethics

    29. Sources • "IP Multicast Technical Overview." Cisco Systems, Inc. Web. <http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6552/prod_white_paper0900aecd804d5fe6.pdf>. • Rafaeli, Sandro, and David Hutchison. "A Survey of Key Management for Secure Group Communication." ACM Digital Library. Lancaster University, Sept. 2003. Web. <http://portal.acm.org/citation.cfm?id=937506>. • Wikipedia