
In the name of God, the Most Gracious, the Most Merciful

In the name of God, the Most Gracious, the Most Merciful. In the name of the One from whom existence took its name. Key Management in Group Communication. Mohammad Dakhilalian Electrical and Computer Faculty, Isfahan University of Technology (IUT). Topics. Introduction Key Management Key Management in Group Communication Centralized


Presentation Transcript


  1. In the name of God, the Most Gracious, the Most Merciful. In the name of the One from whom existence took its name.

  2. Key Management in Group Communication • Mohammad Dakhilalian, Electrical and Computer Faculty, Isfahan University of Technology (IUT)

  3. Topics • Introduction • Key Management • Key Management in Group Communication • Centralized • Distributed • Decentralized

  4. Introduction • Group communication: a means of providing multi-point to multi-point communication by organizing processes in groups. • Efficiency: using minimum resources and hence saving bandwidth.

  5. Examples • Video conference • Radar Tracking • VPN • On-line Chat • On-line playing • ...

  6. Introduction • Dynamic group communication has active membership, with the operations: • Join • Leave • Merge • Partition

  7. Is Security Important?

  8. Is Security Important? (CIA) • Confidentiality • Integrity • Availability • Using cryptographic algorithms as a trivial solution.

  9. Topics • Introduction • Key Management • Key Management in Group Communication • Centralized • Distributed • Decentralized

  10. Key Management Architecture (layers as listed in the diagram) • Secure Applications • Authorization, Access control, Non-repudiation … • Encryption, Authentication • Key Management

  11. Key Management • Administration and use of the services of generation, registration, certification, distribution, installation and destruction of keying material. • The objective of key management is the secure administration and use of these management services and therefore the protection of keys is extremely important.

  12. Definitions • Key agreement • Key confirmation • Entity authentication • Key Distribution Centre (KDC) • Key Translation Centre (KTC) • Certification Authority (CA)

  13. Key Management Techniques • Mechanisms using symmetric algorithms: • Pre-shared key • Using KDC • Using KTC • Mechanisms using asymmetric algorithms: • Certificate based (or using a TTP) • ID (Identity) based

  14. Example (Pre-Shared key) • Parties: A and B, with pre-shared key KAB • Messages shown: (1) A, NA (2) B, {KB, NB, NA}KAB (3) A, {KA, NA, NB}KAB • Resulting key: K = g(KA, KB)

  15. Example (KDC) • Parties: A (key KA), B (key KB) and the KDC, which generates KAB • Messages shown: (1) A, B, N, {A,T}KA (2) {B,N,KAB}KA, {A,KAB}KB (3) {A,T}KAB, {A,KAB}KB • A and B both end with KAB

  16. Example (KTC) • Parties: A (key KA), B (key KB) and the KTC, which translates KAB • Messages shown: (1) A, {KAB, B}KA (2) {A,KAB}KB (3) {A,KAB}KB • A and B both end with KAB

  17. Example (Certificate) • Parties: A and B • Messages shown: (1) B, N, CertB (2) CertA, [{N, KAB}PKB]SKA • PK: Public Key • SK: Secret Key

  18. How ID Based works in practice: Alice sends a message to Bob • Parties: alice@a.com, bob@b.com, Key Server • Alice encrypts with bob@b.com • Requests private key, authenticates • Receives private key for bob@b.com • Bob decrypts with private key

  19. Topics • Introduction • Key Management • Key Management in Group Communication • Centralized • Distributed • Decentralized

  20. Key Management in SGC (Secure Group Communication) • Establishment and maintenance of a key (group key) between valid parties according to a security policy being enforced on the group.

  21. Simple Group Rekeying • The cost of using the simple scheme in large groups is very high. • k = group key • Diagram: the KDC sends {k}k1, {k}k2, …, {k}k8 to users u1 … u8, who hold keys k1 … k8

  22. Group Key Management Criteria • Scalability • Robustness • Anonymity • Dynamic • Forward, Backward Secrecy • Collusion • Transmission Efficiency • Computational Efficiency

  23. Key Management Role • Providing member identification and authentication. • Access control. • Generation, distribution and installation of key material.

  24. Different Approaches to Group Key Management • Centralized • Distributed • Decentralized

  25. Centralized group key management The efficiency of protocols can be measured by: • Storage requirements. • Size of messages. • Backwards and forward secrecy. • Collusion

  26. Example • Diagram: the KDC broadcasts {knew}kold to users u1 … u8, who hold keys k1 … k8 • The solution has no forward secrecy

  27. Example: LKH (Logical Key Hierarchy) • Root: k • Next level: k14, k58 • Next level: k12, k34, k56, k78 • Leaf keys: k1 … k8 • Users: u1 … u8

  28. LKH Join • Rekey messages shown: {k’}k’14, {k’}k58, {k’14}k12, {k’14}k’34, {k’34}k3, {k’34}k4 • Diagram labels: keys k, k’, k13, k’14, k58, k12, k34, k’34, k56, k78, k1 … k8; users u1 … u8

  29. LKH Leave • Rekey messages shown: {k’}k14, {k’}k’58, {k’56}k’56, {k’78}k78, {k’56}k6 • Diagram labels: keys k, k’, k14, k58, k’58, k12, k34, k56, k’56, k78, k1 … k8; users u1 … u8

  30. Example: OFT (One-way Function Tree) Join • Diagram labels: keys k, k’, k13, k’14, k58, k12, k34, k’34, k56, k78, k1 … k8; users u1 … u8

  31. OFT Leave • Diagram labels: keys k, k’, k14, k’14, k58, k’4, k12, k34, k56, k78, k1 … k8; users u1 … u8

  32. Topics • Introduction • Key Management • Key Management in Group Communication • Centralized • Distributed • Decentralized

  33. Distributed group key management The efficiency of protocols can be measured by: • Number of rounds • Number of messages. • Processing during setup.

  34. Example (CLIQUES): Group Diffie-Hellman Key Exchange • Secrets: u1 holds k1, u2 holds k2, u3 holds k3, u4 holds k4 • u1 sends: g^k1 • u2 sends: g^k1, g^k2, g^(k1k2) • u3 sends: g^(k1k2), g^(k1k3), g^(k2k3), g^(k1k2k3) • u4 broadcasts: g^(k2k3k4), g^(k1k3k4), g^(k1k2k4) • Every member ends with K = g^(k1k2k3k4)

  35. Example (STR) • Diagram labels: keys k, k14, k13, k12, k1 … k5; users u1 … u5 • Blinding function

  36. STR Join • Diagram labels: keys k, k’, k’14, k13, k12, k1 … k5, k’4; users u1 … u5; sponsor

  37. STR Leave • Diagram labels: keys k, k’, k14, k’14, k13, k12, k’12, k1 … k5, k’2; users u1 … u5; sponsor

  38. TGDH Join • Diagram labels: keys k, k’, k14, k58, k’58, k12, k34, k56, k’78, k1 … k8, k’7; users u1 … u8; sponsor

  39. TGDH Leave • Diagram labels: keys k, k’, k14, k58, k’58, k12, k34, k56, k78, k1 … k8, k’5; users u1 … u8; sponsor

  40. Topics • Introduction • Key Management • Key Management in Group Communication • Centralized • Distributed • Decentralized

  41. Decentralized group key management The efficiency of protocols can be measured by: • Key independence. • Decentralized controller. • Local rekeying. • Rekeying per membership. • Type of communication. • Keys versus Data path

  42. IOLUS hierarchy • Diagram labels: GSA1 … GSA6 with keys k1 … k6

  43. Intra-Domain Group Key Management Elements • All-KD-group (key k): DKD, AKD 1, AKD 2, AKD 3 • Three local area groups with keys k1, k2, k3, each containing members m

  44. Summary • Definition of Group Communication (GC) and Secure GC (SGC) • Key Management with emphasis on Key Agreement • Types of key management approaches in group communication and their examples (LKH, OFT, CLIQUES, STR, TGDH, IOLUS, IGKMP)

  45. With thanks to all participants in the session
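An added example, not part of the original slides: the LKH leave of slide 29, worked through for u5 leaving the eight-user tree of slide 27 with the standard bottom-up LKH rekeying. The heap-indexed tree, the function names and the HMAC-based toy key wrap are assumptions made for this demo.

```python
import hashlib, hmac, os

def _mac(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def wrap(kek, key):
    # Toy authenticated wrap for the demo (HMAC pad + tag); a real KDC would use AES key wrap.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(key, _mac(kek, b"pad", nonce)))
    return nonce, ct, _mac(kek, b"tag", nonce + ct)

def unwrap(kek, nonce, ct, tag):
    if not hmac.compare_digest(tag, _mac(kek, b"tag", nonce + ct)):
        return None  # not wrapped under this key
    return bytes(a ^ b for a, b in zip(ct, _mac(kek, b"pad", nonce)))

def build_tree(n):  # heap layout: node 1 = group key, nodes n..2n-1 = users' own keys
    return {node: os.urandom(16) for node in range(1, 2 * n)}

def name(node, n, new=False):
    # Slide-style label (k, k58, k'56, k6) for a heap-indexed node; n is a power of two.
    h = n.bit_length() - node.bit_length()  # height above the leaves
    lo = (node << h) - n + 1                # first user under this node
    span = "" if node == 1 else str(lo) if h == 0 else f"{lo}{lo + (1 << h) - 1}"
    return ("k'" if new else "k") + span

def member_keys(tree, n, user):
    # A member holds its leaf key and every key on the path to the root.
    leaf = n + user - 1
    return {leaf >> i: tree[leaf >> i] for i in range(leaf.bit_length())}

def lkh_leave(tree, n, user):
    # KDC side: drop the leaf, refresh its path bottom-up, wrap each new key under each child key.
    del tree[n + user - 1]
    msgs, prev, node = [], n + user - 1, (n + user - 1) // 2
    while node >= 1:
        tree[node] = os.urandom(16)
        for c in (2 * node, 2 * node + 1):
            if c in tree:  # a child refreshed one step earlier wraps under its new key
                msgs.append((name(node, n, True), name(c, n, c == prev),
                             node, c, wrap(tree[c], tree[node])))
        prev, node = node, node // 2
    return msgs

def apply_rekey(held, msgs):
    # Member side: unwrap, in order, each message wrapped under a key we hold.
    for _, _, node, c, blob in msgs:
        if c in held and (new := unwrap(held[c], *blob)) is not None:
            held[node] = new
    return held[1]  # this member's view of the group key
```

Rekeying costs five wrapped keys here, against seven for the simple per-user scheme of slide 21. The keys u5 still holds fail the tag check on every message, so its view of the group key stays at the old value.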
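An added example, not part of the original slides: the CLIQUES exchange of slide 34 (the GDH.2 upflow followed by the last member's broadcast), written for any number of members. The modulus, base and function names are toy assumptions for this demo.

```python
import secrets

# Toy public parameters, assumed for this demo only: a 127-bit Mersenne prime
# and base 3. A deployment would use a standardized large prime-order group.
P, G = 2**127 - 1, 3

def gdh2(exponents):
    """GDH.2 for members u1..un holding secret exponents k1..kn.

    Returns (upflow messages, final broadcast, key computed by each member).
    """
    *upstream, k_last = exponents
    inter, card, upflow = [], G, []
    for i, k in enumerate(upstream):
        # u_i raises every received intermediate value to k_i; the previous
        # cardinal value, which lacks k_i, becomes a new intermediate value.
        inter = [pow(v, k, P) for v in inter] + [card]
        card = pow(card, k, P)
        # u1's only intermediate is the public base g, so it is not sent.
        upflow.append((inter if i else []) + [card])
    # The last member keeps card^k_n as its key and broadcasts the
    # intermediates raised to k_n; entry i is missing exactly k_i.
    broadcast = [pow(v, k_last, P) for v in inter]
    keys = [pow(b, k, P) for b, k in zip(broadcast, upstream)]
    keys.append(pow(card, k_last, P))
    return upflow, broadcast, keys

def random_exponents(n):
    """Fresh secret exponents for n members."""
    return [secrets.randbelow(P - 3) + 2 for _ in range(n)]
```

With four members the upflow messages carry 1, 3 and 4 values and the broadcast carries 3, matching the slide; the group key itself is never transmitted.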
