GE Li-na,TANG Shao-hua

DOI: https://doi.org/10.3969/j.issn.1002-137X.2009.11.024

2009-01-01

Computer Science

Abstract:Many emerging applications are based upon a group communications model.A new group key management scheme for a secure group communication system based on a geometric approach was proposed.The proposed scheme can be divided into three phases:user registration,group key assignment,and group key computation.In the user registration phase,the group manager computes and gives a secret to the new user based on geometric approaches over a secure channel.In the group key assignment phase,the group manager first constructs a secret circle using the group key.Then it computes a shadow of the group key for each member based on the member's private key.Finally,each member obtains an additional secret point based on his private key.The member reconstructs the secret circle by its shadow and the public information,and then obtains the group key in the group key computation phase.Based on simple scheme of group key management,a binary tree of keys is set up to redesign the scheme and demonstrate it.The computation complexity for rekeying decreases from O(m) to O(log(m)).The public information on the note board keeps the same.No a secure channel is needed when the group key is updated.So this scheme is scalable.

Niu Liu,Shaohua Tang,Lingling Xu,Daojing He

DOI: https://doi.org/10.1002/sec.966

IF: 1.968

2014-01-01

Security and Communication Networks

Abstract:ABSTRACTDesigning group key management schemes is a troubled field. In this paper, we review three schemes recently proposed, including Kayam's scheme for groups with hierarchy, Piao's group key management (KM) scheme, Purushothama's group KM schemes. We point out the problems in each scheme. Kayam's scheme is not secure to collusion attack. Piao's group KM scheme is not secure. The hard problem it bases is not really hard, and the way their scheme uses a hard problem is improper. Purushothama's scheme has an unnecessary design that costs lots of resources and does not give an advantage to the security level and dynamic efficiency of it. We also briefly analyze the underlying reasons why these problems emerge and give suggestions on designing. Copyright © 2014 John Wiley & Sons, Ltd.

Huifang Chen,Hiroshi Mineno,Yoshitsugu Obashi,Tomohiro Kokogawa,Tadanori Mizuno

DOI: https://doi.org/10.1007/978-3-540-72685-2_58

2007-01-01

Abstract:Confidentiality, integrity, and authentication services are critical to preventing an adversary from compromising the security of a Wireless Sensor Network (WSN). An essential component of any key-based security solution is managing the encryption keys to providing this protection. Hence, we propose a novel group key management scheme based on the key-chain tree mechanism for the clustered WSNs in this paper. In this scheme, the functions of key management are decoupled and distributed among multiple network elements of the clustered WSNs for providing compromise/failure resistance. This scheme also supports rekeying to enhance network security and survivability against the node capture. Analysis results show that the scheme does provide a secure encryption of the messages even if the revoked sensor nodes collude with each other or the cluster head is compromised.

Jun Zheng,Zhifu Chen,Jinrong Xue,Fan Wu

DOI: https://doi.org/10.2991/nceece-15.2016.194

2016-01-01

Abstract:In recent years, the rapid development and wide usage of wireless sensor networks, makes it a research hotspot at home and abroad. Wireless sensor network is an open network, the sensor nodes can easily be captured or tampered. Ensuring network security is a prerequisite for communication. So, establishing session key between adjacent nodes is critical in key management scheme for wireless sensor networks. In order to save cost and control node size, nodes in sensor networks typically have characteristics of weak storage capacity, low communication bandwidth and limited computing ability. Therefore, ordinary key management mechanism cannot be applied to the sensor networks directly. In consideration of these features of sensor nodes, a CPK-based key management scheme for wireless sensor networks is proposed in this paper based on the complexity of solving elliptic curve discrete logarithm problem. Analysis shows that our scheme performs better than some existing scheme in security, storage efficiency, calculation cost and other aspects, so it can be applied to large-scale wireless sensor networks.

Rongxing Lu,Xiaodong Lin,Haojin Zhu,Pin-Han Ho,Xuemin (Sherman) Shen,Zhenfu Cao

DOI: https://doi.org/10.1109/wcnc.2008.566

2008-01-01

Abstract:To achieve secure group communications, it is critical to develop a secure group key management strategy to guarantee security of the group keys. In this paper, based on the forward security and secret sharing techniques, we propose a new dynamic group key management scheme to minimize the rekeying cost. The forward security technique reduces the rekeying operations in joining event, while the secret sharing technique ensures the scalability in leaving event. In addition, the proposed scheme can provide anonymous authentication as well as forward and backward confidentiality. Theoretical analysis also confirms the efficiency of the proposed scheme.

Yajie Yun,Fuyou Miao,Zonghao Xu

DOI: https://doi.org/10.1145/3644523.3644633

2024-01-01

Abstract:With the emergence of diversifie services that cater to groups, efficient and secure distribution schemes for group keys are playing an increasingly important role in group communication technology. Among them, the schemes based on the Chinese Remainder Theorem (CRT) provide a more lightweight solution in terms of structure and efficiency. The existing group key management schemes, however, are not based on known hard problems and lack provable security analysis to demonstrate their security, causing potential security vulnerability. In this paper, we propose a novel provably secure master-key-encryption-based group key management (MKE-GKM) scheme based on Discrete Logarithm Problems. The MKE-GKM scheme utilizes asymmetric keys, a master encryption key, and a corresponding set of decryption keys, which are bound together by the master encryption key generation algorithm and used for the efficient distribution of the group key. Furthermore, in addition to the construction of the scheme, we also provided its provable security analysis, based on the discrete logarithm problem (DLP). The analysis indicates that the MKE-GKM scheme is provably secure and has higher communication efficiency when compared with the existing schemes with equivalent security.

Wei-dong Qiu,Yao-wei Zhou,Bo Zhu,Yan-fei Zheng,Zheng Gong

DOI: https://doi.org/10.1007/s11771-013-1612-x

2013-01-01

Journal of Central South University

Abstract:The key exposure problem is a practical threat for many security applications. In wireless sensor networks （WSNs）, keys could be compromised easily due to its limited hardware protections. A secure group key management scheme is responsible for secure distributing group keys among valid nodes of the group. Based on the key-insulated encryption （KIE）, we propose a group key management scheme （KIE-GKMS）, which integrates the pair-wise key pre-distribution for WSN. The KIE-GKMS scheme updates group keys dynamically when adding or removing nodes. Moreover, the security analysis proves that the KIE-GKMS scheme not only obtains the semantic security, but also provides the forward and backward security. Finally, the theoretical analysis shows that the KIE-GKMS scheme has constant performance on both communication and storage costs in sensor nodes.

Guojun Wang,Jie Ouyang,Hsiao-Hwa Chen,Minyi Guo

DOI: https://doi.org/10.1016/j.comcom.2007.04.019

IF: 5.047

2007-01-01

Computer Communications

Abstract:Multi-privileged group communications containing multiple data streams have been studied in the traditional wired network environment and the Internet. With the rapid development of mobile and wireless networks and in particular mobile ad-hoc networks (MANETs), the traditional Internet has been integrated with mobile and wireless networks to form the mobile Internet. The multi-privileged group communications can be applied to the mobile Internet. Group users can subscribe to different data streams according to their interest and have multiple access privileges with the support of multi-privileged group communications. Security is relatively easy to be guaranteed in traditional groups where all group members have the same privilege. On the other hand, security has been a challenging issue and is very difficult to handle in multi-privileged groups. In this paper, we first introduce some existing rekeying schemes for secure multi-privileged group communications and analyze their advantages and disadvantages. Then, we propose an efficient group key management scheme called ID-based Hierarchical Key Graph Scheme (IDHKGS) for secure multi-privileged group communications. The proposed scheme employs a key graph, on which each node is assigned a unique ID according to access relations between nodes. When a user joins/leaves the group or changes its access privileges, other users in the group can deduce the new keys using one-way function by themselves according to the ID of joining/leaving/changing node on the graph, and thus the proposed scheme can greatly reduce the rekeying overhead.

Zhijie Jerry Shi,Bing Wang,Fan Zhang

DOI: https://doi.org/10.1142/9789812837318_0016

2010-01-01

Abstract:Because of limited resources at sensor nodes, sensor networks typically adopt symmetric-key algorithms to provide security functions such as protecting communications between nodes. In order to use symmetric-key algorithms, two nodes need to establish a secret session key first. In this chapter, we describe a novel chord-based key establishment (CBKE) protocol that allows any pair of nodes in a sensor network to establish a secret session key. CBKE is a generalized deterministic key establishment scheme that provides great flexibility for balancing memory overhead, reliability, and communication cost. We also analyze the properties of CBKE and explore the performance trade-os using simulation.

Zhe Xia,Yu Yang,Fuyou Miao

DOI: https://doi.org/10.1049/ise2.12085

2022-01-01

IET Information Security

Abstract:To ensure private message exchange among the group members, it is desirable to construct secure and efficient group key management schemes. Moreover, these schemes are more versatile if they could support dynamic join or leave of group members. In IET Information Security 2014, Vijayakumar et al. have introduced such a group key management scheme with lightweight overheads in both computation and communication. And this scheme has been used as a building block in many cryptographic protocols afterwards. In this paper, the authors demonstrate that Vijayakumar's scheme suffers some potential security weaknesses. First, after participating in the group communications for some sessions, a group member may still be able to obtain the group key after it leaves the group, and this violates the claimed security property of forward secrecy. Second, some colluding group members may derive another group member's long term secret key, and obviously, this has more serious consequences. One of the main reasons for the existence of these attacks is that the security analyses in Vijayakumar's scheme are informal and they cannot cover the dynamic environment. To address this issue, the authors' suggestion is that heuristic arguments of security are not adequate in the design of cryptographic protocols, but formal security definitions and proofs are required.

YJ Wang,JH Li,L Tie,Q Li

DOI: https://doi.org/10.1109/dnsr.2004.1344721

2004-01-01

Abstract:Key management for large dynamic groups is a difficult problem because of scalability and security. The SKDC (simple key distribution center) method is very weak in scalability. The logical key hierarchy (LKH) algorithm proposed in 1997 has greatly improved scalability for key management in large dynamic groups. In 1998, the one-way-function tree (OFT) method appeared to obtain more efficiency than LKH. But the OFT method has security breaches in collusion attacks. We present a new method which is more efficient than OFT and resistant to collusion attacks.

XIONG Wan-an,XU Chun-xiang

2011-01-01

Abstract:Secure group key management is a critical issue in secure group communication of ad hoc network.The existing group key management protocols are commentated and a novel efficient group key management protocol is presented in this paper by adopting ellipse curve cryptogram(ECC) scheme.The feasibility and security of our protocol are discussed.Based on the property that external nodes may join a group and internal members may leave the group at any time in ad hoc network,we present an efficient group key renew scheme with the forward and backward secrecy of group key.Compared with the existing group key management protocols,our scheme offers the fairness of group key generation among group members.In addition,as each participant only needs two rounds to generate the group key,the scheme also enjoys low computation complexity and low memory cost.Therefore,it is very suitable for being applied in ad hoc network.

Jie Liu,Xiaojun Tong,Zhu Wang,Miao Zhang,Jing Ma

DOI: https://doi.org/10.1109/access.2020.2976753

IF: 3.9

2020-01-01

IEEE Access

Abstract:Constrained by the limited resource, high-latency and high bit error rate, the existing group key management schemes for the space network are inefficient. To solve this problem, we proposed a centralized and identity-based key management scheme by using McEliece public-key cryptosystem (PKC). In this scheme, the node identity is used as the parameter to generate the public key. Therefore, the authentication can be embedded into the verification of the public key without needing the PKI. The group key is distributed with the protection of the public key so that the group key management scheme can be implemented safely. Furthermore, the McEliece public-key cryptosystem can resist the quantum attack and provide error correction capacity. It improves the efficiency of the group key distribution over the noisy channel. The proposed key management scheme is simulated on OPNET. The security of public-key generation, forward secrecy, backward secrecy and performance are analyzed. The results show that our scheme can provide confidentiality, integrity, authentication, non-repudiation, failure tolerance and error correction. In addition, the computation overhead and rounds of interaction are lower than former work.

Zhang Yong,Zhang Yi,Wang Weinong

DOI: https://doi.org/10.3969/j.issn.1000-386X.2007.09.070

2007-01-01

Abstract:Current group key management schemes don't consider the receiver access control of multicast group.The receiver access control can optimize the rekeying rules of group key and enhance the performance of group key management scheme.The rekeying rules of group key under receiver access control are presented.Based on reveiver access control of Gothic and LKH group management scheme,a new group key management scheme,combined with receiver access control is given.

ZHANG Qiu-yu,WANG Rui-fang,YU Dong-mei,ZHANG Qi-kun

2007-01-01

Journal of Computer Applications

Abstract:An ID based key management scheme based on the bilinear property of Weil pairing defend on elliptic curve was proposed.The scheme used Key Generation Center(KGC) and Key Gene Combination Center(KGCC) to accomplish key management and generation.To avoid security problems caused by single independent key management,KGCC used seeded public key and private key mapping technology to mitigate the load of storage and improve the security of system.The analysis shows that this scheme is more efficient,lightweight,secure and stronger in anti-attack than traditional scheme.

Liu Zhiyuan,Fu Yalong

DOI: https://doi.org/10.3969/j.issn.1000-386x.2013.09.249

2013-01-01

Abstract:For the distributed collaborative applications deployed in an open network environment,in some circumstances the users participating in the application may join or leave a group consisting of multi-user at any time,such dynamic nature of membership leads to higher requirements and challenges in security of group communication system for collaborative applications in distributed network environment. Based on identity cryptography mechanism and threshold cryptography,a new secure distributed group key management scheme is proposed. The presented scheme can strongly resist active attacks and the coalition attacks from malicious adversaries,and with the features of robustness and adaptiveness.

Xiaozhuo Gu,Youjian Zhao,Jianzu Yang

DOI: https://doi.org/10.1109/jcn.2012.6292248

2012-01-01

Journal of Communications and Networks

Abstract:With the requirement for providing multiple levels of access control for group members, many group key management schemes designed for hierarchical access control have been put forward. However, most of these schemes focus on the efficiency of group key establishment and rekeying in centralized environments. This paper proposes an integrated group key agreement (IGK) scheme for contributory environments. The IGK scheme employs the integrated key graph to remove key redundancies existing in single key trees, and reduces key establishment and rekeying time while providing hierarchical access control. Performance analyses and simulations conducted with respect to computation and communication overheads indicate that our proposed IGK scheme is more efficient than the independent group key agreement scheme.

Renuka A.,K. C. Shet

DOI: https://doi.org/10.48550/arXiv.0910.0227

2009-10-01

Cryptography and Security

Abstract:Mobile Ad-hoc Network (MANET) is a collection of autonomous nodes or terminals which communicate with each other by forming a multi-hop radio network and maintaining connectivity in a decentralized manner. The conventional security solutions to provide key management through accessing trusted authorities or centralized servers are infeasible for this new environment since mobile ad hoc networks are characterized by the absence of any infrastructure, frequent mobility, and wireless links. We propose a hierarchical group key management scheme that is hierarchical and fully distributed with no central authority and uses a simple rekeying procedure which is suitable for large and high mobility mobile ad hoc networks. The rekeying procedure requires only one round in our scheme and Chinese Remainder Theorem Diffie Hellman Group Diffie Hellmann and Burmester and Desmedt it is a constant 3 whereas in other schemes such as Distributed Logical Key Hierarchy and Distributed One Way Function Trees, it depends on the number of members. We reduce the energy consumption during communication of the keying materials by reducing the number of bits in the rekeying message. We show through analysis and simulations that our scheme has less computation, communication and energy consumption compared to the existing schemes.

Hung-Min Sun,Chien-Ming Chen,Feng-Ying Chu

DOI: https://doi.org/10.1109/iscc.2007.4381607

2007-01-01

Abstract:To support secure group communications in resource-constrained wireless sensor networks, we propose an efficient and scalable key management protocol which only uses symmetric cryptographic algorithms and low cost operations. Our protocol can achieve current, forward and backward secrecy. Furthermore, for scalability, the communication and computation cost for master key renewing can be confined to the affected cluster. Our protocol provides better efficiency and is more suitable than the previous master key management protocols for wireless sensor networks.

Fang Wangsheng,Zhang Tao,Chen Kang

DOI: https://doi.org/10.1109/ICCSE.2009.5228436

2009-01-01

Abstract:This paper proposes a new key management scheme for wireless sensor networks to reduce the memory and communication overhead, and improve the security capacity. Comparing with the typical key pre-distribution schemes, a new method of establishing keys is adopted, and is analyzed deeply in three important performance indexes. The theory of liner combination is applied to generate the keys using the random vectors in vector group. In order to validate such positive effects of the proposed scheme, simulations are performed on the software of Matlab7.1. The results of simulations demonstrate that the proposed scheme has better performances to improve the resilience to node capture of the networks and reduces the memory and communication overhead than that of key pre-distribution schemes.