Chien-Ming Chen,Tsu-Yang Wu,Bing-Zhe He,Hung-Min Sun

DOI: https://doi.org/10.1109/cmcsn.2012.69

2012-01-01

Abstract:Time-bound hierarchical key management mechanisms are widely discussed in several environments and applications. Obviously, the collusion attacks are the serious problems in the time-bound hierarchical key management schemes. In the collusion attacks, two or more users assigned to some classes in distinct time periods collude to compute a key to which they are not entitled. Two kinds of countermeasures, such as adopting tamper-resistant devices and utilizing public parameters have been proposed to withstand the collusion attacks. In this paper, we proposed a new time-bound hierarchical key management scheme which can effectively defeat the collusion attacks without adopting a tamper-resistant device. Compared with the previous schemes, our design requires less public parameters.

Ruixue Sun,Zhiguo Shi,Rongxing Lu,Jian Qiao,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/WCSP.2012.6542795

2012-01-01

Abstract:The 60 GHz ultra-high-speed Wireless Personal Area Network (WPAN) has received considerable attention in recent years. Information security, which ensures secure communication within the network, is of particular importance. In this paper, we propose an efficient lightweight key management scheme for 60 GHz WPAN, which deploys secure encryption algorithms and one-way hash function to achieve efficient key exchange and updating managements. Detailed security analysis has shown its security provisions. In addition, performance evaluation is also provided to demonstrate its efficiency in terms of session key distribution and group key updating.

Jiqiang Liu,Sheng Zhong

2009-01-01

Abstract:In a complex information system, users and data are usually organized in a hierarchy structure for access control. Users in superior classes should be allowed to derive the secret keys belonging to subordinate classes. In this Paper, We propose a new time bound hierarchy key assignment scheme to achieve this goal. Compared with the existing similar schemes, our scheme is more secure and needs less computational time. Furthermore, our scheme does not need tamper-resistant device, Which makes our scheme much more practical.

Bing-Zhe He,Chien-Ming Chen,Tsu-Yang Wu,Hung-Min Sun

DOI: https://doi.org/10.1155/2014/569397

IF: 1.43

2014-01-01

Mathematical Problems in Engineering

Abstract:The time-bound hierarchical key assignment scheme provides a cryptographic solution for the access control problem in distributed systems (e.g., Pay-TV and cloud computing applications). Most time-bound hierarchical key assignment schemes can be divided into two types: adopting tamper-resistant devices and utilizing public values. Despite the fact that adopting tamper-resistant devices can easily resist to collusion attacks, utilizing public values is much cheaper and more suitable for cloud environment. In this paper, we proposed a new time-bound hierarchical key assignment scheme, which can effectively defeat the collusion attack. Besides, the proposed scheme utilizes public values instead of tamper-resistant devices, which will restrict user's convenience. Compared with the previous works, our scheme requires fewer public values and has better performance.

Qiuhua Wang,Huifang Chen,Lei Xie,Kuang Wang

DOI: https://doi.org/10.1002/sec.429

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:The self-healing group key distribution scheme with revocation can deal with the problem of distributing session keys for secure group communication over an unreliable wireless network, with the capability to resist packet loss and collusion attack. However, existing access-polynomial-based self-healing key management schemes have some problems, such as the small number of active group members, much redundancy in the key updating broadcast packet, and limited collusion attack resistance capability. In order to increase the number of active group members and improve the performance of self-healing group key distribution schemes, we propose a self-healing group key distribution scheme based on the access polynomial and one-way hash key chain for resource-constrained wireless networks in this paper. In our proposed scheme, by binding the time at which the user joins the group with the capability of recovering previous group session keys, some novel methods to construct the personal secret, the access polynomial, and the session key updating broadcast packet are presented. Compared with existing schemes under same conditions, analysis and simulation results show that our proposed scheme not only supports much more group members and sessions, but also provides a stronger security, considering that it can deal with more colluding users. Moreover, our proposed scheme is especially suitable to resource-constrained wireless networks in a very bad environment. Copyright © 2012 John Wiley & Sons, Ltd.

XIE Qi,CHEN De-ren,YU Xiu-yuan

IF: 2.034

2010-01-01

Systems Engineering

Abstract:In 2009, Park, et al. proposed an efficient remote user authentication protocol. They claimed that their protocol was the first password and smart card based remote user authentication scheme which can resist the off-line password guessing attack, and had many advantages over existing solutions such as no password tables and timestamp, low communication and computational costs. However, this paper shows that their protocol cannot resist the forgery attack and off-line password guessing attack. To overcome the security weaknesses, two improved schemes based on either nonce or timestamp without affecting the merits of the Park, et al. scheme are proposed. Technical discussions are provided to show that the improved protocol is secure, efficient and practical.

Jianqing Fu,Jian Chen,Rong Fan,XiaoPing Chen,Lingdi Ping

DOI: https://doi.org/10.1109/wcse.2009.731

2009-01-01

Abstract:With the widespread use of mobile devices, authentication and privacy of identification become important issues. We analyzed the security flaws and shortcomings of a delegation-based authentication protocol which was proposed by Caimu Tang, et al., and provided an improved protocol. We use elliptic-curve cryptography and hash chain to ensure the safety of system in our scheme. The research results reveal that the improved protocol can not only corrects the security flaws but also improve the efficiency of key management and reduce the computational load.

Mengyao Zhu,Ming Zhang,Xiaoling Chen,Ding Zhang,ZhiJie Huang

DOI: https://doi.org/10.1007/978-3-540-74377-4_88

2007-01-01

Abstract:A variety of subscriptions in Conditional Access System (CAS) of DTV broadcasting network bring complexity to the key distribution scheme. In this paper, an innovation of hierarchical key distribution scheme for CAS in DTV broadcasting is proposed to reduce the computation of encryption and the number of messages for key refreshment. Compared with the conventional key distribution schemes, no encrypted message is distributed for key refreshment when a subscriber leaves. Further more, our hierarchical tree of key can provide a lot more dynamic management, from which broadcasters can improve efficiency in managing program channels.

Hoang Nam Nguyen,Hiroaki Morino

DOI: https://doi.org/10.1007/11596042_93

2005-01-01

Abstract:Providing secure communications is a crucial task for the success of future ubiquitous mobile communication systems. Using public key infrastructure (PKI) is considered as a good solution to fulfill the task. However, as mobile ad hoc networks (MANET) inherit unique characteristics such as dynamic topology, non-infrastructure architecture, centralized PKI architectures are not suitable for dynamic MANET. The use of distributed PKI models is more appropriate but requires additional modifications to adapt with network changes. In this paper, we introduce a novel key management scheme for MANET, which exploits advantages of threshold cryptography. The major innovative aspect of this scheme is the use of temporal substitute certificate authorities (SCA), which form a PKI model of multi SCA groups. Performance results obtained by computer simulation show that the proposed key management scheme can reduce the latency of authentication, certificate update delay and the signaling load.

王松,俞能海,郝卓

DOI: https://doi.org/10.3969/j.issn.1009-3443.2009.03.005

2009-01-01

Abstract:To reduce the processing delay for sub-key distribution and prevent attack from the compromised users and the leaking of the sub-keys to new users,based on the characteristics of ad hoc space network,a novel scheme DPSKC for key management in ad hoc space network was proposed.Based on elliptic curve cryptography,the parallel sub-key computing technology and packet transmission for distributed environment were designed.The former technology reduced the processing delay for sub-key distribution,and the latter prevented the attack from compromised users and the leaking of the sub-keys to new user.The new scheme is secure and performs well in the sub-key distribution delay,the computation and memory consumption.

Jian Weng,Yunlei Zhao,Robert H. Deng,Shengli Liu,Yanjiang Yang,Kouichi Sakurai

DOI: https://doi.org/10.1016/j.tcs.2015.07.051

IF: 1.002

2015-01-01

Theoretical Computer Science

Abstract:A public key trace and revoke scheme combines the functionality of broadcast encryption with the capability of traitor tracing. In Asiacrypt 2003, Kim, Hwang and Lee proposed a public key trace and revoke scheme (referred to as KHL scheme), and gave the security proof to support that their scheme is z-resilient against adaptive chosen-ciphertext attacks, in which the adversary is allowed to adaptively issue decryption queries as well as adaptively corrupt up to z users. In the passed ten years, KHL scheme has been believed as one of the most efficient public key trace and revoke schemes with z-resilience against adaptive chosen-ciphertext attacks under the well-studied DDH assumption. However, in this paper, by giving a concrete attack, we indicate that KHL scheme is actually not secure against adaptive chosen-ciphertexts, even without corruption of any user. We then identify the flaws in the security proof for KHL-scheme, and discuss the consequences of the attack.

Dongyang Xu,Zhi Tang,Yinyan Yu

DOI: https://doi.org/10.1109/ccnc.2011.5766636

2011-01-01

Abstract:Hierarchical cryptographic key management of access control can be modeled as a partially ordered set in which a high security class can derive its descendant encryption keys, but not vice versa. In this paper, we propose a practical key management scheme for our segment-based document which is a novel XML-based document format for web publishing, called CEBX. The proposed scheme is not only efficient on key generation and key derivation, but also secure against collusion attack, reverse attack and key modification attack. Excellent dynamics are also supported in our scheme and updates of nodes or edges are locally affected in the hierarchy. Nodes of the hierarchy can define passwords to protect the segments of CEBX document, supporting more flexible business strategies in a digital rights management system.

J. Li,X. Chen,H. Tian,C. Gao

DOI: https://doi.org/10.1504/ijahuc.2014.065156

2014-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Since the notion of attribute-based encryption (ABE) was proposed, it has been found a lot of important applications such as fine-grained access control. However, the issue of key exposure problem in ABE has been solved completely. This problem is formally addressed and formulated in this paper. More specifically, we propose a new key-insulated ABE (KI-ABE) scheme as a solution to the key exposure problem. The definition and security model of KI-ABE is proposed. Then, a KI-ABE scheme is presented, which is provably secure under the proposed model. The scheme is secure in the remaining time periods against an adversary who compromises the insecure device and obtains secret keys for the periods of its choice. Finally, we show that the scheme also supports user delegation, which is critical when one wants to delegate part of attributes (privileges) to others.

Xuening Liu,Hao Yin,Chuang Lin,Yiping Deng

DOI: https://doi.org/10.1109/ispacs.2007.4445968

2007-01-01

Abstract:In secure media communication system, access control is a very important and challenging issue. A common practice is to encrypt the media content using a session key, and only legal clients know the session key to decrypt the data. Since the clients can join/leave the group session frequently, the session key needs to be updated and delivered to the legal clients accordingly in order to provide forward/backward secrecy. Existing key management and distribution schemes either fail in facing a large-scale group accessing or need to build a key distribution overlay which is different from the data transmission path so as to bring additional overhead. In this paper, we propose an efficient media-dependent and time-event-driven key management and distribution scheme, named "EKMD". Our analysis and experimental results show that the proposed scheme is a secure, scalable, reliable and efficient access control solution for Peer-to-Peer (P2P) live streaming system.

DOI: https://doi.org/10.35940/ijrte.c4187.098319

2019-09-30

International Journal of Recent Technology and Engineering

Abstract:The purpose of this paper is to present an outlier detection mechanism for hierarchical key management which utilizes hybrid (public and private) key management scheme for implementing lightweight cryptographic primitives in hierarchical MANETs. Further, a comparative analysis of key management schemes is to be performed for identifying an efficient key management scheme for hierarchical MANETs. In key management methods, public and private group key management schemes are integrated at local level (subgroup) and global level (network). These key management schemes uses various topologies for minimizing communicational and computational costs. After implementing an efficient key management scheme, outliers in network are identified using packet analysis at key generation, key distribution, message transmission and key re-generation phases. It is observed that Teo and Tan key management approach with shamir’s threshold key distribution mechanism is an efficient approach key management scheme for group authentication and hierarchical key management. Further, a minimum improvement of 9.7% and 0.91%, and maximum improvements of 25.3% and 87.7% are observed for Packet Delivery Rate (APDR) and Average Throughput (AT) respectively in a network of 1000 nodes. The proposed method requires four sequential analysis of outlier detection schemes at different layers of MANET protocol stack because single scheme per layer is not efficient in identifying outliers in proposed network. The proposed key management method is useful for MANETs in group authentication and implementation of lightweight cryptographic primitives with secure key. Further, outlier detection mechanism can be extended for identifying various active and passive attacks.

Xingfeng Guo,Xiaodong Liu,Qionghai Dai

DOI: https://doi.org/10.1109/ICME.2006.262752

2006-01-01

Abstract:The recent growth of the World Wide Web has sparked new research into using the Internet for novel types of group communication, like multiparty video-conferencing and real-time streaming. Multicast has the potential to be very useful, but it suffers from many problems like security. To achieve secure multicast communications, key management is one of the most critical problems. So far, a lot of multicast key management schemes have been proposed and most of them are centralized, which have the problem of "one point failure" and that the group controller is the bottleneck of the group. In order to solve these two problems, we propose a Decentralized Key Management Scheme (DKMS), using RSA key system as auxiliary keys. We analyze this scheme and find it has appropriate performance in security and scalability.

Huifang Chen,Hiroshi Mineno,Yoshitsugu Obashi,Tomohiro Kokogawa,Tadanori Mizuno

DOI: https://doi.org/10.1007/978-3-540-72685-2_58

2007-01-01

Abstract:Confidentiality, integrity, and authentication services are critical to preventing an adversary from compromising the security of a Wireless Sensor Network (WSN). An essential component of any key-based security solution is managing the encryption keys to providing this protection. Hence, we propose a novel group key management scheme based on the key-chain tree mechanism for the clustered WSNs in this paper. In this scheme, the functions of key management are decoupled and distributed among multiple network elements of the clustered WSNs for providing compromise/failure resistance. This scheme also supports rekeying to enhance network security and survivability against the node capture. Analysis results show that the scheme does provide a secure encryption of the messages even if the revoked sensor nodes collude with each other or the cluster head is compromised.

B. Murugeshwari,R. Amirthavalli,C. Bharathi Sri,S. Neelavathy Pari

DOI: https://doi.org/10.48550/arXiv.2304.14652

2023-04-28

Cryptography and Security

Abstract:Since communication signals are publicly exposed while they transmit across space, Ad Hoc Networks (MANETs) are where secured communication is most crucial. Unfortunately, these systems are more open to intrusions that range from passive listening to aggressive spying. A Hybrid Team centric Re-Key Control Framework (HT-RCF) suggests that this research examines private group communication in Adhoc environments. Each group selects a Group Manager to oversee the group's members choose the group manager, and the suggested HT-RCF uses the Improved Hybrid Power-Aware Decentralized (I-HPAD) mechanism. The Key Distribution Center (KDC) generates the keys and distributes them to the group managers (GMs) using the base algorithm Rivest Shamir Adleman (RSA). The key agreement technique is investigated for safe user-user communication. Threats that aim to exploit a node are recognized and stopped using regular transmissions. The rekeying procedure is started every time a node enters and exits the network. The research findings demonstrate that the suggested approach outperforms the currently used Cluster-based Group Key Management in terms of power use, privacy level, storage use, and processing time.

Yihao Hu,Chunguang Huang,Hai Cheng

DOI: https://doi.org/10.1016/j.comcom.2024.02.020

IF: 5.047

2024-02-28

Computer Communications

Abstract:Smart healthcare overcomes the limitations of time and space, allowing users to access medical and health services anywhere and anytime, thus improving the quality and efficiency of these services. However, due to its excessive reliance on wireless public networks, smart healthcare faces challenges and issues related to communication security. As a result, authentication and key agreement are critical as the first line of defense for smart healthcare communications. Over the past few years, numerous authentication and key agreement schemes have been proposed by experts and scholars, but most of these schemes are not applicable to practical scenarios due to their lack of security and efficiency. To address these issues, we propose an elliptic curve-based certificateless conditional privacy-preserving authentication and key agreement scheme. This scheme does not require endorsement from a Certificate Authority (CA) and features lightweight and secure properties, making it suitable for resource-limited smart healthcare communication. In addition, the security of the proposed scheme is proven under the random oracle model, and its safety is supplemented using BAN logic. Finally, performance analysis reveals that the proposed scheme not only satisfies security property and can withstand general attacks but also offers certain advantages in communication efficiency.

computer science, information systems,telecommunications,engineering, electrical & electronic

Muhammad Yasir Malik

DOI: https://doi.org/10.48550/arXiv.1211.3502

2012-11-15

Abstract:Key management in multicast dynamic groups, where users can leave or join at their ease is one of the most crucial and essential part of secure communication. Various efficient management strategies have been proposed during last decade that aim to decrease encryption costs and transmission overheads. In this report, two different types of key management schemes are proposed. First proposed scheme is based on One-way function tree (OFT). The proposed scheme fulfills the security gaps that have been pointed out in recent years. Second proposed scheme is based on logical key hierarchy (LKH). This proposed scheme provides better performance for, rather inflexible and expensive, LKH scheme.

Cryptography and Security,Networking and Internet Architecture