Lin Yao,Xiangwei Kong,Guowei Wu,Chi Lin,Qingna Fan

DOI: https://doi.org/10.1504/ijahuc.2011.041613

2011-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:A Tree-based Multicast group Key Management (TMKM) protocol for ubiquitous computing is proposed to generate, distribute, and update the group key. The whole group is divided into the server layer and the user layer, and the user layer is further divided into subgroups. Every subgroup is initialised as a balanced binary tree. We employ hierarchical group key management method for the whole topology and centralised group key management method for subgroup, so TMKM takes advantage of centralised and distributed key group management. Compared with some other group key management protocols, TMKM shows higher superiority on security, scalability and computation complexity.

戴琼海,覃毅力,张莹

DOI: https://doi.org/10.3321/j.issn:0372-2112.2002.z1.026

2002-01-01

Abstract:IP multicast is an efficient multi-agent transport protocol. With the development of network, multicast will be more and more important. Applications of multicast will be used in many areas. As a fresh new thriving academic field, the main research is focused on multicast routing, the flow control, the congestion control and reliable multicast. But there are few results referred to multicast security especially to group key management. In this paper.it will submit a scheme of group key management for large dynamic multicast system. This scheme adopts hierarchical architecture,includes a control-center (main key management center: KMC) which is composed of a cluster of computers, and some sub key management center (SKMC) which manages its sub-domain. The scheme can efficiently handle the joining and leaving of group members and avoid one-point failure. It also enhances the robustness of the manage system.

Ruixue Sun,Zhiguo Shi,Rongxing Lu,Jian Qiao,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/WCSP.2012.6542795

2012-01-01

Abstract:The 60 GHz ultra-high-speed Wireless Personal Area Network (WPAN) has received considerable attention in recent years. Information security, which ensures secure communication within the network, is of particular importance. In this paper, we propose an efficient lightweight key management scheme for 60 GHz WPAN, which deploys secure encryption algorithms and one-way hash function to achieve efficient key exchange and updating managements. Detailed security analysis has shown its security provisions. In addition, performance evaluation is also provided to demonstrate its efficiency in terms of session key distribution and group key updating.

Xingfeng Guo,Xiaodong Liu,Qionghai Dai

DOI: https://doi.org/10.1109/ICME.2006.262752

2006-01-01

Abstract:The recent growth of the World Wide Web has sparked new research into using the Internet for novel types of group communication, like multiparty video-conferencing and real-time streaming. Multicast has the potential to be very useful, but it suffers from many problems like security. To achieve secure multicast communications, key management is one of the most critical problems. So far, a lot of multicast key management schemes have been proposed and most of them are centralized, which have the problem of "one point failure" and that the group controller is the bottleneck of the group. In order to solve these two problems, we propose a Decentralized Key Management Scheme (DKMS), using RSA key system as auxiliary keys. We analyze this scheme and find it has appropriate performance in security and scalability.

Qiuhua Wang,Huifang Chen,Lei Xie,Kuang Wang

DOI: https://doi.org/10.1002/sec.429

IF: 1.968

2012-01-01

Security and Communication Networks

Abstract:The self-healing group key distribution scheme with revocation can deal with the problem of distributing session keys for secure group communication over an unreliable wireless network, with the capability to resist packet loss and collusion attack. However, existing access-polynomial-based self-healing key management schemes have some problems, such as the small number of active group members, much redundancy in the key updating broadcast packet, and limited collusion attack resistance capability. In order to increase the number of active group members and improve the performance of self-healing group key distribution schemes, we propose a self-healing group key distribution scheme based on the access polynomial and one-way hash key chain for resource-constrained wireless networks in this paper. In our proposed scheme, by binding the time at which the user joins the group with the capability of recovering previous group session keys, some novel methods to construct the personal secret, the access polynomial, and the session key updating broadcast packet are presented. Compared with existing schemes under same conditions, analysis and simulation results show that our proposed scheme not only supports much more group members and sessions, but also provides a stronger security, considering that it can deal with more colluding users. Moreover, our proposed scheme is especially suitable to resource-constrained wireless networks in a very bad environment. Copyright © 2012 John Wiley & Sons, Ltd.

徐明伟,董晓虎,徐恪

2004-01-01

Ruan Jian Xue Bao/Journal of Software

Abstract:The absence of security mechanism has limited the use of multicast. Key management for multicast is used for group members in one multicast session to generate, refresh and transfer keys which are used for encryption and authentication. In addition to the maintenance of keys, issues about scalability, reliability and robustness should be carefully considered. In this paper, the existing problems in key management for multicast are analyzed, and some typical schemes are reviewed.

LI Huijie,HOU Liming,LIN Xiaokang

DOI: https://doi.org/10.3321/j.issn:1000-0054.2008.01.020

2008-01-01

Abstract:IEEE 802.16e supports multicast and broadcast services,with a multicast and broadcast rekeying algorithm(MBRA) defined to maintain and manage the multicast keys.In order to provide forward and backward secrecy for secure multicast services and to improve the scalability of the multicast key management algorithm,the MBRA is modified and optimized based on the group key management protocol(GKMP),and an adaptive wireless multicast key grouping management algorithm is proposed.For real networks,the algorithm combines two grouping schemes and divides the multicast members into subgroups with an approximately optimized mechanism.Theoretical analyses and simulation results show that the algorithm significantly reduces key updating communication costs in the multicast service and improves the network capacity.

Rong FAN,Xuezeng PAN,Jianqing FU,Lingdi PING

DOI: https://doi.org/10.3969/j.issn.1004-1699.2011.04.025

2011-01-01

Abstract:By applying multicast technology, the energy consumption can be significantly reduced, and the life time of nodes can be extended in query-based wireless sensor networks. The multicast protocol for large-scale wireless sensor networks from existing literature is usually low performance and low safety. For this reason, a steiner-based hierarchical secure multicast protocol for wireless sensor network is proposed. The main idea of proposed protocol is based on steiner tree and cluster topology. Multicast efficiency can be improved since high-efficiency of steiner tree and high-scalability of clustering are combined. Besides,the energy consumption of nodes can be balanced, and the life time of network can be extended. Furthermore, the protocol adopts secure communication mechanism to prevent from varies network attacks and ensure the data security, integrity and verifiability. Based on the analysis and simulation results, it is shown that the proposed protocol is suitable for large-scale wireless sensor networks.

Sandro Rafaeli,David Hutchison

DOI: https://doi.org/10.1145/937503.937506

IF: 16.6

2003-09-01

ACM Computing Surveys

Abstract:Group communication can benefit from IP multicast to achieve scalable exchange of messages. However, there is a challenge of effectively controlling access to the transmitted data. IP multicast by itself does not provide any mechanisms for preventing nongroup members to have access to the group communication. Although encryption can be used to protect messages exchanged among group members, distributing the cryptographic keys becomes an issue. Researchers have proposed several different approaches to group key management. These approaches can be divided into three main classes: centralized group key management protocols, decentralized architectures and distributed key management protocols. The three classes are described here and an insight given to their features and goals. The area of group key management is then surveyed and proposed solutions are classified according to those characteristics.

computer science, theory & methods

Joe Prathap P M.,V. Vasudevan

DOI: https://doi.org/10.48550/arXiv.0906.3956

2009-06-22

Cryptography and Security

Abstract:With the evolution of the Internet, multicast communications seem particularly well adapted for large scale commercial distribution applications, for example, the pay TV channels and secure videoconferencing. Key management for multicast remains an open topic in secure Communications today. Key management mainly has to do with the distribution and update of keying material during the group life. Several key tree based approach has been proposed by various authors to create and distribute the multicast group key in effective manner. There are different key management algorithms that facilitate efficient distribution and rekeying of the group key. These protocols normally add communication overhead as well as computation overhead at the group key controller and at the group members. This paper explores the various algorithms along with the performances and derives an improved method.

赵欣,吴敏强,陈道蓄,谢立

DOI: https://doi.org/10.3321/j.issn:0372-2112.2003.05.004

2003-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:To make the multieast session secure, the multicast group needs to change the session key when the group member set changes. Batch re-keying mechanism, in which group leader latches up join/leave requests and serves them together after a period of time, is introduced to reduce the overhead of group re-keying. Fixed period cannot adapt to the dynamic nature of multicast session and may not be optimal all the time. An adaptive batch re-keying algorithm was presented, and it can adaptively determine the most appropriate time according to current request arrival pattern. Applications can change the parameters of the adaptive batching algorithm to meet their performance preference. Simulation results show that the adaptive algorithm achieves optimal performance point in various multicast scenarios.

张斌,邬江兴

DOI: https://doi.org/10.3969/j.issn.1002-137X.2001.07.009

2001-01-01

Computer Science

Abstract:In RFC1949,A. Ballardie proposed a method of scalable multicast key distribution based on the Core Based Tree multicast protocol fitting for wide-area IP multicasting. This paper analyses the method deeply,points out that the model can't resist the key compromise of a single member effectively,and proposes two kinds of improvement. One is the distributed generating and distributing group data encryption key,the other one is partitioning the group into subgroups. These improvements can increase the security and lifetime of the group key,and decrease the loss of compromise of a single group key encryption key.

Muhammad Yasir Malik

DOI: https://doi.org/10.48550/arXiv.1211.3502

2012-11-15

Abstract:Key management in multicast dynamic groups, where users can leave or join at their ease is one of the most crucial and essential part of secure communication. Various efficient management strategies have been proposed during last decade that aim to decrease encryption costs and transmission overheads. In this report, two different types of key management schemes are proposed. First proposed scheme is based on One-way function tree (OFT). The proposed scheme fulfills the security gaps that have been pointed out in recent years. Second proposed scheme is based on logical key hierarchy (LKH). This proposed scheme provides better performance for, rather inflexible and expensive, LKH scheme.

Cryptography and Security,Networking and Internet Architecture

Hao Yin,Xiaowen Chu,Chuang Lin,Feng Qiu,Geyong Min

DOI: https://doi.org/10.1007/11582267_22

2005-01-01

Abstract:In secure video multicast systems, access control is a very important and challenging issue. A common practice is to encrypt the video content using a group key, shared only by legitimate clients. Since the clients can join and leave the multicast session frequently, the group key needs to be updated and delivered to the legitimate clients accordingly in order to provide forward/backward secrecy. Therefore, key management and distribution plays a crucial role in building a secure and scalable video multicast system. Conventional approaches usually use a dedicated secure channel independent of the video data channel, which is expensive and inefficient. In this paper, we propose a novel and scalable Media-dependent Key Management and Distribution (MKMD) solution that embeds key management messages in video data so as to save network bandwidth and enhance the security level, and most importantly, without sacrificing the quality of video content too much. We have built a prototype system of MKMD, and our extensive experimental results show that MKMD is a secure, scalable, reliable and efficient key management and distribution solution for video multicast system.

Lin Yao,Bing Liu,Feng Xia,Guowei Wu,Qiang Lin

DOI: https://doi.org/10.48550/arXiv.1205.1465

2011-12-30

Cryptography and Security

Abstract:Multicast in Wireless Sensor Networks (WSNs) is an attractive mechanism for delivering data to multiple receivers as it saves bandwidth. To guarantee the security of multicast, the group key is used to encrypt and decrypt the packages. However, providing key management services in WSNs is complicated because sensor nodes possess limited resources of computing, storage and communication. To address the balance between security and limited resources, a multicast group key management protocol based on the weight-balanced 2-3 tree is proposed to generate, distribute, and update the group key securely and efficiently. The decentralized group key management method is employed. A weight-balanced 2-3 key tree is formed in every subgroup. Instead of using the conventional symmetric and non-symmetric encryption algorithms, the Maximum Distance Separable (MDS) code technique is used to distribute the multicast key dynamically. During the key updating, a series of adjustment rules are summarized to keep the tree weight-balanced, where pseudo-nodes as leaves are added to reduce the computation and communication complexity. Compared with some other group key management protocols, our scheme shows higher superiority on security and performance.

张斌邬,邬江兴

DOI: https://doi.org/10.3969/j.issn.1002-137X.2001.09.012

2001-01-01

Computer Science

Abstract:Security management of group key is becoming a key problem of multicast security. This paper summarizes five kinds of policy of rekeying group key and some of evaluating criteria of rekeying method, then discusses rekeying group key problem based on some current group key management method. Finally,a method to resist preventing rekeying message from transmitting is proposed.

CUI Wu-cheng,XU Ke,WU Jian-ping

DOI: https://doi.org/10.3969/j.issn.1000-1220.2006.07.013

2006-01-01

Abstract:Multicast implements the communication between many nodes efficiently and more and more multicast applications are deployed in networks.Security is one of the problems that block the progress of multicast application.In previous multicast security solutions,the multicast security management is implemented by the multicast initiator.This paper proposes SMSA(Secure Multicast Service Architecture),which performs the group security management instead of the multicast initiator.SMSA supports many secure multicast groups simultaneously.We describe the details of SMSA and present the experiment results compared with the existing solutions.It is shown that SMSA improves the efficiency of multicast group security management and has a good scalability.

Gang Yao,Kui Ren,Feng Bao,Robert H. Deng,Dengguo Feng

DOI: https://doi.org/10.1007/978-3-540-45203-4_27

2003-01-01

Abstract:Mobile ad hoc networks offer convenient infrastructureless communications over the shared wireless channel. However, the nature of mobile ad hoc networks makes them vulnerable to security attacks, such as passive eavesdropping over the wireless channel and denial of service attacks by malicious nodes. To ensure the security, several cryptography protocols are implemented. Due to the resource scarcity in mobile ad hoc networks, the protocols must be communication efficient and need as less computational power as possible. Broadcast communication is an important operation for many application in mobile ad hoc networks. To securely broadcast a message, all the members in the network need share a group key so that they can use efficient symmetric encryption, such as DES and AES. Several group key management protocols have been proposed. However, not all of them are communication efficient when applied to mobile ad hoc networks. In this paper, we propose a hierarchical key agreement protocol that is communication efficient to mobile ad hoc networks. We also show how to manage the group efficiently in a mobile environment.

曹雯雯,陈相宁

DOI: https://doi.org/10.16208/j.issn1000-7024.2009.16.009

2009-01-01

Abstract:Most of the applications in MANET are based on group communication,and information sharing between groups also plays an important part.Security must be paid more attention because of the unreliability of MANET,so a secure scheme is proposed.This scheme which is proxy-based could ensure the security of information sharing between groups in MANET.LKH is adopted to implement key management in each group,and members from the other groups achieve secure communication with the group through mutual authe-ntication and key agreement.The analysis proves that the scheme is not only consumes less storage,computation and communication resource but also secure.

M. Waldvogel,G. Caronni,Dan Sun,N. Weiler,B. Plattner

DOI: https://doi.org/10.1109/49.790485

IF: 16.4

1999-01-01

IEEE Journal on Selected Areas in Communications

Abstract:Middleware supporting secure applications in a distributed environment faces several challenges. Scalable security in the context of multicasting or broadcasting is especially hard when privacy and authenticity is to be assured to highly dynamic groups where the application allows participants to join and leave at any time. Unicast security is well-known and has widely advanced into production state. But proposals for multicast security solutions that have been published so far are complex, often require trust in network components, or are inefficient. In this paper, we propose a framework of new approaches for achieving scalable security in IP multicasting. Our solutions assure that newly joining members are not able to understand past group traffic and that leaving members may not follow future communication. For versatility, our framework supports a range of closely related schemes for key management, ranging from tightly centralized to fully distributed, and even allows switching between these schemes on-the-fly with low overhead. Operations have low complexity [O(log N) for joins or leaves], thus granting scalability even for very large groups. We also present a novel concurrency-enabling scheme, which was devised for fully distributed key management. In this paper, we discuss the requirements for secure multicasting, present our flexible system, and evaluate its properties based on the existing prototype implementation.

telecommunications,engineering, electrical & electronic