1 / 26

Pairwise Key Agreement in Broadcasting Networks

Explore key exchange schemes for secure communication in broadcasting networks, with focus on key independence and forward secrecy. Learn about session identifiers, key graphs, and concurrent key exchange strategies. 8 Relevant

idola
Download Presentation

Pairwise Key Agreement in Broadcasting Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Pairwise Key Agreement in Broadcasting Networks - 2005.11.11 - Ik Rae Jeong

  2. Contents • Security Notions of Key Exchange • Type of Networks • Key Agreement for Key Graphs

  3. Security Notions of Key Exchange • IA (Implicit Authentication) • Only a designated party can calculate the same session key. Dishonest parties can not get any information about the session key. • KI (Key Independence) • security against Denning-Sacco attacks (known key attacks) • for the cases when other session keys are revealed • FS (Forward Secrecy) • for the cases when long-term secrets are revealed

  4. Types of Network • half-duplex • full-duplex Alice Bob 4 Rounds Alice Bob 2 Rounds

  5. Types of Network • Broadcasting Network P3 P1 P2 P4 Round 1 Round 2

  6. DH (half-duplex) Bob Alice 2 Rounds

  7. DH (full-duplex) Bob Alice 1 Round

  8. Session Identifier • The unique string per session • Used to define matching session in the definition of security of key exchange • In the full-duplex channel: the message concatenation by the ordering of owners

  9. III. Key Agreement for Key Graphs • We have constructed more efficient key exchange schemes which provides pairwise key exchange between parties via randomness re-use technique.

  10. Sequential Key Exchangebetween Parties P2 P1 P4 P3

  11. Concurrent Key Exchangebetween Parties P2 P1 P4 P3

  12. Motivation • How do we efficiently do concurrent execution of the two-party key exchange scheme ?

  13. Our Results • An efficient one-round key exchange scheme providing key independence in the standard model • A two-round key exchange scheme providing forward secrecy in the standard model

  14. P2 P1 P4 P3 P2 P1 P4 P3 Key Graphfor Session keys (1) G={V,E} V={P1,P2,P3,P4} E={(P1,P2),(P1,P3),(P1,P4)} G={V,E} V={P1,P2,P3,P4} E={(P1,P2),(P2,P3),(P3,P4), (P4,P1)}

  15. P1 P2 P3 P4 P6 P5 P7 P2 P1 P4 P3 Key Graphfor Session keys (2) G={V,E} V={P1,P2,P3,P4} E={(P1,P2),(P1,P3), (P2,P4), (P2,P5), (P3,P6), (P3,P7)} G={V,E} V={P1,P2,P3,P4} E={(P1,P2),(P1,P3),(P1,P4), (P2,P3),(P2,P4),(P3,P4)}

  16. Key Exchange Model for Key Graphs • Broadcasting network • Several session keys in a single session

  17. One-Round Two-Party Diffie-Hellman Key Exchange P2 P1

  18. One-Round Concurrent Key Exchange using Two-Party Key Exchange P2 P1 P4 P3 P1 requires three random values.

  19. One-Round Concurrent Key Exchange using randomness re-use technique P2 P1 P4 P3 P1 requires one random values.

  20. Randomness Re-useunder the DDH assumption • Pairwise DDH assumption 1 Exp

  21. Randomness Re-useunder the DDH assumption • Pairwise DDH assumption 2 Exp

  22. F is a pseudo random function PKA1 KI in the standard model P3 P1 P2 P4 Round 1:

  23. PKA2 FS in the standard model P3 P1 P2 P4 Round 1:

  24. Security • PKA1 and PKA2 • reduced to the DDH problem in the standard model

  25. Discussion • Key exchange for key graph is an extension of two-party key exchange. • Key exchange for key graph can be used as a subprotocol of another protocol such as group key exchange protocols.

  26. Thank You !

More Related