Abstract With the evolution of the Internet, multicast communications seem particularly well adapted for large scale

Similar documents
AN EFFICIENT GROUP KEY MANAGEMENT USING CODE FOR KEY CALCULATION FOR SIMULTANEOUS JOIN/LEAVE: CKCS

Improvement of the Orthogonal Code Convolution Capabilities Using FPGA Implementation

Adaptive Resource Allocation for Electric Environmental Pollution through the Control Network

3D Model Retrieval Method Based on Sample Prediction

performance to the performance they can experience when they use the services from a xed location.

6.854J / J Advanced Algorithms Fall 2008

CIS 121 Data Structures and Algorithms with Java Spring Stacks, Queues, and Heaps Monday, February 18 / Tuesday, February 19

Prevention of Black Hole Attack in Mobile Ad-hoc Networks using MN-ID Broadcasting

Security of Bluetooth: An overview of Bluetooth Security

Algorithms for Disk Covering Problems with the Most Points

Σ P(i) ( depth T (K i ) + 1),

Ones Assignment Method for Solving Traveling Salesman Problem

CSC 220: Computer Organization Unit 11 Basic Computer Organization and Design

The Magma Database file formats

An Improved Shuffled Frog-Leaping Algorithm for Knapsack Problem

Quality of Service. Spring 2018 CS 438 Staff - University of Illinois 1

Elementary Educational Computer

Copyright 2016 Ramez Elmasri and Shamkant B. Navathe

A SOFTWARE MODEL FOR THE MULTILAYER PERCEPTRON

Heaps. Presentation for use with the textbook Algorithm Design and Applications, by M. T. Goodrich and R. Tamassia, Wiley, 2015

Improving Information Retrieval System Security via an Optimal Maximal Coding Scheme

Copyright 2016 Ramez Elmasri and Shamkant B. Navathe

Interference Aware Channel Assignment Scheme in Multichannel Wireless Mesh Networks

Chapter 1. Introduction to Computers and C++ Programming. Copyright 2015 Pearson Education, Ltd.. All rights reserved.

Task scenarios Outline. Scenarios in Knowledge Extraction. Proposed Framework for Scenario to Design Diagram Transformation

Lecture Notes 6 Introduction to algorithm analysis CSS 501 Data Structures and Object-Oriented Programming

Image Segmentation EEE 508

Chapter 10. Defining Classes. Copyright 2015 Pearson Education, Ltd.. All rights reserved.

Basic allocator mechanisms The course that gives CMU its Zip! Memory Management II: Dynamic Storage Allocation Mar 6, 2000.

A New Morphological 3D Shape Decomposition: Grayscale Interframe Interpolation Method

Optimization for framework design of new product introduction management system Ma Ying, Wu Hongcui

Analysis Metrics. Intro to Algorithm Analysis. Slides. 12. Alg Analysis. 12. Alg Analysis

FREQUENCY ESTIMATION OF INTERNET PACKET STREAMS WITH LIMITED SPACE: UPPER AND LOWER BOUNDS

Pruning and Summarizing the Discovered Time Series Association Rules from Mechanical Sensor Data Qing YANG1,a,*, Shao-Yu WANG1,b, Ting-Ting ZHANG2,c

Combination Labelings Of Graphs

Load balanced Parallel Prime Number Generator with Sieve of Eratosthenes on Cluster Computers *

A Key Distribution method for Reducing Storage and Supporting High Level Security in the Large-scale WSN

Administrative UNSUPERVISED LEARNING. Unsupervised learning. Supervised learning 11/25/13. Final project. No office hours today

Politecnico di Milano Advanced Network Technologies Laboratory. Internet of Things. Projects

. Written in factored form it is easy to see that the roots are 2, 2, i,

BASED ON ITERATIVE ERROR-CORRECTION

1. SWITCHING FUNDAMENTALS

The Counterchanged Crossed Cube Interconnection Network and Its Topology Properties

An Algorithm to Solve Fuzzy Trapezoidal Transshipment Problem

Evaluation scheme for Tracking in AMI

HADOOP: A NEW APPROACH FOR DOCUMENT CLUSTERING

Data diverse software fault tolerance techniques

Session Initiated Protocol (SIP) and Message-based Load Balancing (MBLB)

Lecture 28: Data Link Layer

condition w i B i S maximum u i

Python Programming: An Introduction to Computer Science

Parallel Polygon Approximation Algorithm Targeted at Reconfigurable Multi-Ring Hardware

Probability of collisions in Soft Input Decryption

Chapter 3 Classification of FFT Processor Algorithms

INTERSECTION CORDIAL LABELING OF GRAPHS

One advantage that SONAR has over any other music-sequencing product I ve worked

Message Integrity and Hash Functions. TELE3119: Week4

Evaluation of Distributed and Replicated HLR for Location Management in PCS Network

1 Enterprise Modeler

Solving Fuzzy Assignment Problem Using Fourier Elimination Method

Markov Chain Model of HomePlug CSMA MAC for Determining Optimal Fixed Contention Window Size

Introduction to OSPF. ISP Training Workshops

Private Key Cryptography. TELE3119: Week2

Keywords Software Architecture, Object-oriented metrics, Reliability, Reusability, Coupling evaluator, Cohesion, efficiency

n Explore virtualization concepts n Become familiar with cloud concepts

IMP: Superposer Integrated Morphometrics Package Superposition Tool

CIS 121 Data Structures and Algorithms with Java Spring Stacks and Queues Monday, February 12 / Tuesday, February 13

Computers and Scientific Thinking

1 Graph Sparsfication

Outline. Research Definition. Motivation. Foundation of Reverse Engineering. Dynamic Analysis and Design Pattern Detection in Java Programs

The isoperimetric problem on the hypercube

DATA STRUCTURES. amortized analysis binomial heaps Fibonacci heaps union-find. Data structures. Appetizer. Appetizer

A Parallel DFA Minimization Algorithm

Secure Software Upload in an Intelligent Vehicle via Wireless Communication Links

A QoS Provisioning mechanism of Real-time Wireless USB Transfers for Smart HDTV Multimedia Services

9.1. Sequences and Series. Sequences. What you should learn. Why you should learn it. Definition of Sequence

Lecture 5. Counting Sort / Radix Sort

On Nonblocking Folded-Clos Networks in Computer Communication Environments

SECURED OPTIMAL ROUTING BASED ON TRUST AND ENERGY MODEL IN WIRELESS SENSOR NETWORKS. Tamil Nadu, INDIA

On (K t e)-saturated Graphs

Protected points in ordered trees

Morgan Kaufmann Publishers 26 February, COMPUTER ORGANIZATION AND DESIGN The Hardware/Software Interface. Chapter 5

Pattern Recognition Systems Lab 1 Least Mean Squares

Adaptive Graph Partitioning Wireless Protocol S. L. Ng 1, P. M. Geethakumari 1, S. Zhou 2, and W. J. Dewar 1 1

EFFICIENT MULTIPLE SEARCH TREE STRUCTURE

Table 2 GSM, UMTS and LTE Coverage Levels

Lower Bounds for Sorting

ISSN (Print) Research Article. *Corresponding author Nengfa Hu

Reversible Realization of Quaternary Decoder, Multiplexer, and Demultiplexer Circuits

Redundancy Allocation for Series Parallel Systems with Multiple Constraints and Sensitivity Analysis

Priority Queues. Binary Heaps

Cubic Polynomial Curves with a Shape Parameter

Analysis of Server Resource Consumption of Meteorological Satellite Application System Based on Contour Curve

Throughput-Delay Scaling in Wireless Networks with Constant-Size Packets

Mobile terminal 3D image reconstruction program development based on Android Lin Qinhua

CS 683: Advanced Design and Analysis of Algorithms

A Note on Least-norm Solution of Global WireWarping

Sorting 9/15/2009. Sorting Problem. Insertion Sort: Soundness. Insertion Sort. Insertion Sort: Running Time. Insertion Sort: Soundness

Hashing Functions Performance in Packet Classification

Journal of Chemical and Pharmaceutical Research, 2013, 5(12): Research Article

Transcription:

(IJCSIS) Iteratioal Joural of Computer Sciece ad Iformatio Security, Aalysis of the various key maagemet algorithms ad ew proposal i the secure multicast commuicatios Joe Prathap P M. Departmet of Iformatio Techology, Arulmigu Kalasaligam College of Egieerig, Krishakoil. Madurai, Tamiladu, Idia. joeprathappm@rediffmail.com Abstract With the evolutio of the Iteret, multicast commuicatios seem particularly well adapted for large scale commercial distributio applicatios, for example, the pay TV chaels ad secure videocoferecig. Key maagemet for multicast remais a ope topic i secure Commuicatios today. Key maagemet maily has to do with the distributio ad update of keyig material durig the group life. Several key tree based approach has bee proposed by various authors to create ad distribute the multicast group key i effective maer. There are differet key maagemet algorithms that facilitate efficiet distributio ad rekeyig of the group key. These protocols ormally add commuicatio overhead as well as computatio overhead at the group key cotroller ad at the group members. This paper explores the various algorithms alog with the performaces ad derives a improved method. Keywords- Group key maagemet, Key tree, Multicast security, Rekeyig I. INTRODUCTION Multicastig is a type of commuicatio betwee computers i a etwork that eables a computer to sed oe stream of data to may iterested receivers without iterruptig computers that are ot iterested. For these reasos, multicastig has become the favored trasmissio method for most multimedia ad triple play applicatios, which are typically large ad use up a lot of badwidth. Multicastig ot oly optimizes the performace of your etwork, but also provides ehaced efficiecy by cotrollig the traffic o your etwork ad reducig the loads o etwork devices. This techology beefits may group commuicatio applicatios such as pay-per-view, olie teachig, ad share quotes [3], [4], [6]. Before these group orieted multicast applicatios ca be successfully deployed, access cotrol mechaisms [2], [9], [13], [19] must be developed such that oly authorized members ca access the group commuicatio. The oly way to esure cotrolled access to data is to use a shared group key, kow oly to the authorized members, to ecrypt the multicast data. As group membership might be dyamic, this group key has to be updated ad redistributed securely to all authorized members wheever there is a chage i the V.Vasudeva Departmet of Iformatio Techology, Arulmigu Kalasaligam College of Egieerig, Krishakoil. Madurai, Tamiladu, Idia. drvvmca@yahoo.com membership i order to provide forward ad backward secrecy [5], [8]. Forward secrecy meas that a departig member caot obtai iformatio about future group commuicatio ad backward secrecy meas that a joiig member caot obtai iformatio about past group commuicatio. We assume the existece of a trusted etity, kow as the Group Cotroller (GC), which is resposible for updatig the group key. This allows the group membership to scale to large groups. A umber of scalable approaches have bee proposed ad oe i particular, the key tree approach ad LKH [2], [3], [10], [19], [20], is aalyzed alog with its extesios i this paper. I short, the key tree approach employs a hierarchy of keys i which each member is assiged a set of keys based o its locatio i the key tree. The rekeyig cost of the key tree approach icreases with the logarithm of the group size for a joi or depart request [16], [17], [18]. The operatio for updatig the group key is kow as rekeyig ad the rekeyig cost deotes the umber of messages that eed to be dissemiated to the members i order for them to obtai the ew group key. Idividual rekeyig, that is, rekeyig after each joi or depart request, has two drawbacks [12], [14],[19]. First, it is iefficiet sice each rekey message has to be siged for autheticatio purposes ad a high rate of joi/depart requests may result i performace degradatio because the sigig operatio is computatioally expesive. Secod, if the delay i a rekey message delivery is high or the rate of joi/ depart requests is high, a member may eed a large amout of memory to temporarily store the rekey ad data messages before they are decrypted. Batch rekeyig techiques have bee recetly preseted as a solutio to overcome this problem. I such methods, a departed user will remai i the group loger ad a ew user has to wait loger to be accepted. All joi ad leave requests received withi a batch period are processed together at the same time. A short rekey iterval does ot provide much batch rekeyig beefit, whereas a log rekey iterval causes a delay to joiig members ad icreases vulerability from departig members who ca still receive the data.

I this paper the existig key maagemet algorithms ad its variatios were deeply discussed. Based o that a ew hybrid key maagemet techique was devised ad its performace was aalyzed. II. BACKGROUND A. Simple Algorithm I the simple group rekeyig scheme, all members are coected to a Group Key Cotroller (GKC). The GKC geerates ad ecrypts the group key separately for every members of the group. Whe member joi/ leave the group, the GKC creates a ew key. The GKC ecrypts ad sed this ew key to every member separately. Here both commuicatioal ad computatioal complexity is liearly proportioal to the group size. This algorithm is ot scalable. B. Key Tree Approach I a typical key tree approach [3], [19], [20] as show i Fig. 1a, there are three differet types of keys: Traffic Ecryptio Key (TEK), Key Ecryptio Key (KEK), ad idividual key. The TEK is also kow as the group key ad is used to ecrypt multicast data. To provide a scalable rekeyig, the key tree approach makes use of KEKs so that the rekeyig cost icreases logarithmically with the group size for a joi or depart request. A idividual key serves the same fuctio as KEK, except that it is shared oly by the GC ad a idividual member. (IJCSIS) Iteratioal Joural of Computer Sciece ad Iformatio Security, Whe a member is removed from the group, the GC must chage all the keys i the path from this member s leaf ode to the root to achieve forward secrecy. All the members that remai i the group must update their keys accordigly. If the key tree is balaced, the rekeyig cost for a sigle departig member is klog k (N)-1 message. For example, suppose member U9 is departig i Fig. 1a. The, all the keys that it stores (K0 ad K3) must be chaged, except for its idividual key. If backward secrecy is required, the a joi operatio is similar to a depart operatio i that the keys that the joiig member receives must be differet from the keys previously used i the group. The rekeyig cost for a sigle joiig member is 2log k N messages whe the key tree is balaced. The efficiecy of the key tree approach critically depeds o whether the key tree remais balaced. For a balaced key tree with N leaf odes, the height from the root to the ay leaf ode is log k N. However, if the key tree becomes ubalaced, the distace from the root to a leaf ode ca become as high as N. ad also we ca t predict the umber of rekeyig messages. C. Group Key Maagemet Protocol (GKMP) I GKMP, iitially, the GKC selects a member ad iitiates the creatio of a Group Key Packet (GKP). The packet cotais the Curret Group Traffic Ecryptio Key (GTEK) ad a key (GKEK) to deliver the future GTEK. To hadle future rekeys, the GKC the creates a digitally siged Group Rekey Packet (GRP), which cosist of the earlier created GKP ecrypted with the GKEK. Whe a member jois, the GKC selects a member ad creates a ew GKP cotaiig a ew GTEK. I additio, it creates a ew GRP, which is ecrypted uder the earlier ext GKEK. This method fails to maitai the forward secrecy whe a member leaves sice every member kows the GKEK[14], [21]. Figure 1. (a) key tree structure (b) ID assigmet I the example i Fig. 1a, K0 is the TEK, K1 to K3 are the KEKs, ad K4 to K12 are the idividual keys. The keys that a group member eeds to store are based o its locatio i the key tree; i other words, each member eeds to store 1+log k N keys whe the key tree is balaced. For example, i Fig. 1a member U1 kows K0, K1, ad K4 ad member U7 kows K0, K3, ad K10. The GC eeds to store all of the keys i the key tree. To uiquely idetify each key, the GC assigs a ID to each ode i the key tree. The assigmet of the ID is based o a top-dow ad left-right order. The root has the lowest ID, which is 0. For a ode with a ID of m, its paret ode has a ID of (m-1)/k, with its childre s IDs ragig from km+1 to km+k, as show i Fig. 1b. D. Logical Key Hierarchy Wog et al. [2] ad Waller et al. [3] idepedetly proposed a scalable group key maagemet scheme by costructig a logical tree of key ecryptio keys (KEKs) which provides a efficiet ad secure mechaism to maage the keys ad to coordiate the key update. LKH does ot take ito accout the topology of the etwork. The LKH employs a hierarchical tree whose root ode is associated with a group key ad whose leaf odes are idividual keys of all users i the group. The itermediate odes correspod to Key Ecryptio Key (KEK). Each user i the group holds a set of keys o the path from its leaf to the root[1].

Figure 2. A biary logical key tree with eight leaf odes. Fig. 2 illustrates a rooted biary key tree for a group of eight members. Each member is represeted i the tree by a uique leaf ode ad is preassiged the idividual s pair-wise key with the KS. The ier odes are associated with auxiliary itermediate KEKs, ad the root ode is associated with the group key SEK. The set of keys associated with the odes alog the path from a leaf ode to the root are assiged to the member represeted by that leaf ode, which iclude its pairwise key with the KS, the itermediate KEKs, ad the SEK for traffic ecryptio. For a full ad balaced key tree of degree d, the member storage is give as 1 + log d N. For example, member M1 i Fig. 2 is assiged K3.1, K2.1, K1.1 ad K0, i which K3.1 is M1 s pair-wise key ad K0 is the group key. I the virtual key tree each itermediate KEK ca be used to securely multicast rekey messages to members that are leaves of the correspodig ier ode s subtree. Member deletio is accomplished by rekeyig all the keys possessed by the member (except its pair-wise key) as it shares those with others. For example, whe M1 leaves, K2.1, K1.1 ad K0 eed to be updated. The umber of rekey messages is give as Cleave = d log d N 1 [7]. I Fig. 2, d =2 ad N =8, the KS eeds to sed the followig five rekey messages: 1. KS M 2 : {K 2.1 }K 3.2 2.KS {M 2 } : {K 1.1 }K 2.1 3. KS {M,M 4 } : {K 1.1 }K 2.2 4. KS {M 2, M 3, M 4 } : {K 0 }K 1.1 5. KS {M 5, M 6, M 7, M 8 }: {K 0 }K 1.2 O user joiig, each of the ivolved keys is updated via oe uicast (to the ew member) plus oe multicast (to existig members), requirig a commuicatio cost growig as Cjoi = 2 log d N. For example i Fig. 2, suppose sometime later M1 jois back the seve-member group, the KS the eeds to sed the followig six rekey messages: 1. KS M 1 : {K 2.1 }K 3.1 2.KS {M 2 } : {K 2.1 }K 2.1 3. KS M 1 : {K 1.1 }K 3.1 4. KS {M 2, M 3, M 4 } : {K 1.1 }K 1.1 5. KS M 1 : {K 0 }K 3.1 6. KS {M 2..M 8 } : {K 0 }K 0 I the above approach, each ew key is ecrypted idividually (oe key per message) [1]. (IJCSIS) Iteratioal Joural of Computer Sciece ad Iformatio Security, E. Oe-way Fuctio Tree (OFT) Caetti et al. [4] proposed a variatio of LKH by employig a fuctioal relatioship amog the ode keys i a biary key tree alog the path from the leaf ode represetig the leavig member to the root. Ad this scheme is called as Oe-way Fuctio Chai(OFC) [9], [18]. OFC reduces the commuicatio overhead from LKH s 2 log 2 N 1 to log 2 N by itroducig a public pseudo-radom fuctio G which doubles the size of its iput. The left ad right halves of G(x) are deoted by L(x) ad R(x), so G(x)= L(x) R(x) where L(x) = R(x) = x. For example, whe M 1 i Fig. 2 leaves, the KS oly seds three rekey messages, from which each residual member ca compute all ad oly the keys it is etitled to receive as depicted i Fig. 3: Figure 3. Key revocatio i the oe-way fuctio chai scheme 1. KS M 2 : {r}k 3.2 2.KS {M 3, M 4 } : {R( r) }K 2.2 3. KS {M 5, M 6, M 7,M 8, } : {R(R(r )) }K 2.2 F. Broadcast Ecryptio-like algorithm I "broadcast ecryptio" schemes a cetral site broadcasts secure trasmissios to a arbitrary set of recipiets while miimizig key maagemet related trasmissios. We take advatage of such methods i order to improve performace for multicast rekeyig [8], [16]. The mai differece betwee broadcast ad multicast ecryptio is that the Key Server does ot kow the idetity of possible itruders i broadcast scearios. I the multicast ecryptio problem, o the cotrary, oe kows which of the possible attackers must avoid sice the multicast group is limited ad kow a priori by defiitio. G. Iterated Hash Chai (IHC) OFC reduces LKH s commuicatio overhead but it was limited to the biary key tree case. We use LKH s flexible structure to OFC ad propose the iterated hash chai (IHC) that supports trees with degree higher tha 2 [10], [17]. Fig. 4 presets a terary key tree, i which there is always a fuctioal relatioship amog the ode keys alog the path from the requestig user to the root. A public hash fuctio H is itroduced, whose iput size ad output size both equal the key legth i the cryptography system.

(IJCSIS) Iteratioal Joural of Computer Sciece ad Iformatio Security, 3. KS {M4, M5, M6} : {D}K 2.2 4. KS {M7, M8, M9} : {D}K 2.3 5. KS {M10,.M18} : {D}K 1.2 6. KS {M19,.M27} : {D} K 1.3 Figure 4. Key revocatio i the iterated hash chai scheme. Suppose i Fig. 3 M1 leaves the 27-user group. The umber of rekey messages is give as Cleave =(d 1) log d N. The KS chooses a key r at radom ad rekeys K2.1, K1.1 ad K0 as follows: 1. KS M2 : {r} K 3.2 2. KS M3 : {r} K 3.3 3. KS {M4, M5, M6} : {H(r)}K 2.2 4. KS {M7, M8, M9} : {H(r)}K 2.3 5. KS {M10,.M18} : {H 2 (r)}k 1.2 6. KS {M19,.M27} :{H 2 (r)} K 1.3 Each residual member ca the respectively compute all ad oly the keys it is etitled to receive as depicted i Fig 4, where the ew SEK deoted as K 0 = H 2 (r) = H(H(r)) is a double iteratio. I geeral we have K 0 = H (r) where = log d N 1. Similar to OFC, H should be cryptographically strog so that it is hard to fid weak iteratio keys. O user joiig, the ivolved keys are updated via oe uicast (to the ew member) plus several multicasts (to existig members), leadig Cjoi = 1+log d N. Suppose sometime later M1 jois back the secure multicast group, the KS the rekeys as follows: 1. KS M1 : {r} K 3.1 2. KS {M2, M3} : {r} K 2.1 3. KS {M4, M9} : {H(r)} K 1.1 4. KS {M10, M27} : {H 2 (r)} K 0 H. Sychro-differece LKH (SD-LKH) It has bee geerally accepted ad recetly prove that O(log N) is the lowest overhead achievable by a key maagemet scheme if strict o-member cofidetiality ad ocollusio are required [1]. Recet represetative improvemets ad extesios to LKH feature oe-way fuctios [4][5] ad clusterig [11][12]. I this subsectio we preset a ovel variatio that differs observably from those approaches while keepig fully compatible with LKH. The proposal is called sychro-differece LKH (SD-LKH) as ew keys are geerated based o previous oes by employig the distributio of the differece. We reuse Fig. 4 to demostrate the ratioale of SDLKH. Suppose M 1 leaves the 27-user group. The umber of rekey messages is give as Cleave =(d 1) log d N. The KS radomly chooses a differetial value D ad trasmits the followig six messages: 1. KS M2 : {D} K 3.2 2. KS M3 : {D} K 3.3 O receivig D, each residual member respectively performs XOR operatios to compute all ad oly the keys it is etitled to receive: K 2.1 = K2.1 D, K 1.1 = K 1.1 D, ad K 0 = K 0 D. Uder the assumptio that the geeratio of D is upredictable by the users, it should achieve the same security level with LKH. O user joiig, the ivolved keys are updated via several uicasts (to the ew member) plus oe multicast (to existig members), leadig Cjoi = log d N +1. Suppose M 1 jois back the group depicted i Fig. 3, the KS the rekeys as follows: 1. KS M1 : { K 2.1 }K 3.1 2. KS M1 : {K 1.1 } K 3.1 3. KS M1 :{K0 }K 3.1 4. KS {M2,.M 27} : { D} K 0 i which the ew value (K ) of each of the keys set to M 1 (K) is computed as K = K D by the KS. This still correspods to oe-key-per-message rekeyig. III. BATCH REKEYING Idividual rekeyig is relatively iefficiet, especially whe requests are frequet. To address this, the use of periodic batch rekeyig was proposed [13] [19]. I batch rekeyig algorithms joi ad leave requests are collected durig a time iterval ad processed i a batch. Sice the KS does ot rekey immediately, a leavig member will remai i the group till the ed of the batch period, ad a ew member will have to wait the same time to be accepted. However, this batch period ca be adapted to dyamics i the multicast group. O the other had, batch rekeyig techiques icrease efficiecy i umber of required messages thus it takes advatage of the possible overlap of ew keys for multiple rekey requests, ad thus reduces the possibility of geeratig ew keys that will ot be used. A. Lam-Gouda batch rekeyig Lam, Gouda et al. [5], [6] preseted a very simple markig algorithm that updates the key tree ad geerates a rekey subtree. Briefly, their system ca be summarized as follows. After each rekey iterval the KS collects all Joi ad Leave requests ad processes them accordig to the two possible cases. If the umber of leavigs is greater or equal tha the umber of joiigs, ew members are allocated i the places of the departed members. Empty leaves are marked as ull. All ode keys i the path from the replaced leaves to the root are updated followig the rules i LKH. If the umber of joiigs is greater tha the umber of leavigs a rekey subtree is costructed with all the remaiig ew members left after applyig the algorithm described

(IJCSIS) Iteratioal Joural of Computer Sciece ad Iformatio Security, above. The rekey subtree is allocated uder the departed user whether the rekeyig message cocers to them or ot. The ew ode with the smallest height. positio is the reamig field of the message. Usig this The algorithm explaied i the previous sectio aims to iformatio, users ca reame themselves ad their keyig keep the tree balaced through differet batches by allocatig material. the rekey subtree uder the shallowest ode i each rekeyig. The Rekeyig material field is the actual data of updated keys, However, this rebalacig system is oly valid whe the calculated, for example, accordig to LKH. O the other had, umber of joiigs ad leavigs are very similar; i ay other the multicast member, basically oly has to decide if a multicast case a periodic rebalacig algorithm is eeded. rekeyig message is set to him, receive it ad update his positio ad keyig material. B. Balaced LKH for batch rekeyig I order to overcome this iefficiecy we proposed a ew batch rekeyig algorithm that keeps the tree balaced for every batch. The algorithm updates ot oly ode keys but also ode amig or positio, so rekeyig odes ca chage their origial positio after each batch followig a very simple rule. The KS computerized system does ot have much more processig load because he oly has to update the positio of the odes usig simple rules. Besides that, keepig the tree balaced reduces the total amout of required program memory. I the other side, the ew algorithm slightly icreases the umber of operatios to be doe by idividual members, cause they have to kow all the time the positio i the tree that they are occupyig i order to update it properly. However, this icrease is ot sigificat for sigle multicast members, eve if they are devices with low computatio capability. We will briefly describe the atomic steps the KS ad the idividual members must follow to carry out the algorithm. 1 ) Mark Rekeyig Nodes I the first step, odes that should be removed have to be poited out. After collectig the leavig requests, all odes from leavig members leaves to root eed to be updated, so they are marked for deletio. Notice that o replacemet with joiig members is carried out. 2) Prue Tree The prue actio is very simple; it cosists i deletig the marked odes ad to keep the subtree structures that remai uchaged. After this actio, the KS has to maage three types of elemets: remaiig subtrees (structures with more tha oe member), joiig members ad sibligs of leavig members. As the tree is a biary tree, sibligs of leavig members caot reuse ay KEK but his idividual key, so they should be treated the same way as ew joiig members. 3) Make New Rekey tree Now, the KS has to costruct the ew rekey tree balaced followig the ext recursive criterio. Group all trees of depth j i twos. If ay elemet is left, group it with tree of depth j+l ad treat the result as a tree of depth j+2. The criterio must begi with trees of miimum depth, that is to say, sigle elemets, ad be repeated util just oly oe tree is resulted. 4) Costruct ad Sed Rekey Messages Fially, the rekeyig messages have to be set. These messages should iclude three iformatio fields: destiatio ode, ew positio of destiatio ode ad rekeyig material. The destiatio ode is the ode to which sos the message is addressed. This field is used by sigle members to decide C. Lam-Gouda with Improved LKH The multicast rekeyig cosists of three stages: iitializatio, multicastig ad recoverig. I the first oe the Key Server geerates all the secrets to deliver ad seds them to the group members. Multicastig stage takes place every time a ew shared sessio key is eeded, i this stage the KS seds by the multicast chael the eough data for the authorized members to recompute the ew sessio key, that is to say, the recoverig stage [6], [12]. I Lam-Gouda batch rekeyig, members are located i the same positio of the tree durig all the group life. The oly chages permitted are up ad dow the tree level if siblig members leave the group. I ay case, the set of keys that each member has from his positio to the root is always the same. I such sceario, improved LKH ca be straightly applied cause the oly iformatio that members eed i order to update the keys is r r'. We will better explai the adaptatio of Improved LKH to Lam-Gouda Batch rekeyig thorough a simple example. Figure 5. Case of several leavig processed at a time Cosider Fig. 5 i which M2 ad M6 leave the group. All the keys that have bee compromised (ecircled i Fig.5) must be updated. Usig Lam-Gouda LKH the legth of the ext messages should be multicasted is O the other had, usig the improved LKH algorithm the message legth is. D. Balaced Batch with Improved LKH I Lam-Gouda [12] with improved LKH we did ot allow members to chage their positio durig the group life. That is to say, they always have the same keys i his path to the root.

This allows us the usage of the updatig factor (r r') because members oly have to kow it to chage their set of keys. Cotrary to that, Balaced Batch eeds the redistributio of reusable subtrees. This does ot permit us oly to distribute the updatig factor because usually, after a batch, the key path to the root of remaiig members will chage. This forces us to distribute ot the updatig factor but the updated keys themselves, although we ca use the same mechaism usig products of radom umbers. This method is expected to preset worse behavior tha Lam-Gouda with improved LKH. But, o the other side, it keeps the tree balaced all the time. However, performace of such method is better tha Balaced LKH without improvemet mechaism. IV. HYBRID TREE KEY DISTRIBUTION Sice, the umber of leaves determies the total umber of odes i a tree of give degree, if we ca set the umber of leaves as a variable, the we ca cotrol the total umber of keys. Oe approach is to cluster the members ad assig multiple members to a leaf, the by cotrollig the umber of members assiged to a leaf ode, we ca vary the total umber of odes i the tree ad thus the umber of keys stored i the GC. We use the hybrid tree model i to develop the desig algorithm for a give amout of update commuicatio. The mai idea of the hybrid tree is to divide the group ito clusters of size M with every cluster assiged to a uique leaf ode. The there are N/M clusters (also leaves), ad we eed to build a tree of depth log a (N/M). Fig. 6 illustrates this for a biary tree with cluster size M=3 ad a group of 24 members. (IJCSIS) Iteratioal Joural of Computer Sciece ad Iformatio Security, scheme plus oe KEK required by the miimal storage scheme withi the cluster. Whe a member is deleted, the total umber of key update messages, deoted by C, is (a-1) log a (N/M) withi the tree plus (M-1) withi the cluster, leadig to: C= (M-1) + (a-1) log a (N/M) The umber of keys stored by the GC is computed as the keys o the tree plus seeds for ( N/M) clusters, which is The last term 1/(a-1) is at most 1 sice a 2. Sice the logical key tree schemes have logarithmic update commuicatio [1], [2], i the hybrid tree model, we wat to keep the update commuicatio as O(log N) except some scale factor β. This ca be expressed as: where the commuicatio scale factor β idicates how much commuicatio ca be allotted for key updates. I the hybrid tree scheme, the storage ad the update commuicatio are fuctios of the cluster size M. The selectio of M should be such that the update commuicatio scales at least of the order of O(logN) while the key storage of the GC is better tha O(N). Hece the optimizatio problem is posed as mi[(1+ a/a-1) N/M] w.r.t. M. With this hybrid tree key distributio the key storage is reduced greater percetage if the total ode is i the order of 2 20. The performace is purely based o the cluster size value M. We should choose the cluster value based o the applicatios & security requiremets. Withi cluster the commuicatio is very much easier tha iter cluster commuicatio. Ad itra cluster commuicatio provide tight security tha the iter cluster commuicatio. Figure 6. A biary hybrid tree with cluster size M = 3ad group size N = 24 We otice that the structure i Fig. 6 cosists of two parts, the logical tree, ad the clusters. The logical key tree is used as iter-cluster key maagemet scheme to limit key update commuicatio, ad the miimal storage used as the itra-cluster scheme to reduce GC storage requiremet. I the hybrid tree preseted i Fig. 6, a user eeds to store(1+ log a (N/M)) KEK s required by the logical key tree V. ANALYSIS The table I provide the comparative aalysis of the various algorithms. From this we ca easily uderstad the importace of each algorithm i terms of storage, security, commuicatio costs as well as basic properties. From that we uderstad that the hierarchical key tree based algorithms work wells for a mildly large group commuicatio etworks such as iteret radio, video cofereces ad pay per view systems. TABLE I. OVERALL COMPARATIVE ANALYSIS Algorithm Properties Comm. costs Secrecy storage

(IJCSIS) Iteratioal Joural of Computer Sciece ad Iformatio Security, Trust i 3 rd party Cetral cotrollig etity Joiig & separatio of groups Simple poit of failure Secure agaist collusios Scalability recoverable Joi msg from GKC to other New member joi Leave from msgs the GKC Backward forward Keys i cotrol maager Number of member keys Processig time for retrievig a group key Simple X easy X X -1 1 k k O(log) GKMP X Ok X X 2 2 New X 2k 2k 2k LKH X easy X d d+1 2d O() O(log) O(log) OFT X easy X d+1 d+1 d+1 O() O(log) O(log)/2 Broadcast ecryptio like X easy X d d+1 2d O() O(log) O(log) algorithm IHC X ok X 1+log d SD-LKH X easy X log d +1. 1+lo g d log d +1. (d 1) log d (d 1) log d O() O(log) O(log) O() O(log) O(log) Lam-Gouda X easy X d d+1 2d O() O(log) O(log) batch rekeyig Balaced LKH X easy d-1 d+1 2d O() O(log) O(log) Balaced Batch with Improved LKH X easy d-1 d+1 2d O() O(log) O(log) Hybrid Tree Key Distributio X easy (a-1) log a (N/M) N/M +1 2N/M (a-1) log a(n/m) (1+ log a(n/m)) (a-1) log a(n/m) VI. CONCLUSION This study exhibits a clear picture about various key maagemet algorithms. The workig priciples of each algorithm alog with their drawbacks are deeply aalyzed ad tabulated. From this we ca easily idetify which algorithm is suitable for particular applicatios. Especially the hybrid key maagemet scheme combie the best features from various algorithms ad try to provide a optimized algorithm which is more flexible whe compared with other algorithms. REFERENCES [1] J. Pegueroles ad F. Rico-Novella, Balaced Batch LKH: New Proposal, Implemetatio ad Performace Evaluatio, The 8th IEEE ISCC 03, July 2003, pp. 15 25. [2] C. K. Wog, M. Gouda, ad S. S. Lam, Secure group commuicatios usig key graphs, IEEE/ACM Tras. Networkig, vol. 8, Feb 2000, pp. 16-31. [3] D. M. Waller, E. J. Harder, ad R. C. Agee, Key maagemet for multicast: Issues ad architectures, RFC 2627, Jue 1999. [4] R. Caetti, J. Garay, G. Itkis, D Micciacio, M. Naor, ad B. Pikas, Multicast security: A taxoomy ad some efficiet costructios, i Proc. IEEE INFOCOM 99, vol. 2, Mar 1999, pp.708-716. [5] A. T. Sherma ad D. A. McGrew, Key establishmet i large dyamic groups usig oe-way fuctio trees, IEEE Tras. Software Eg., vol. 29, May 2003, pp. 444-458. [6] M. R. Macedoia ad D.P. Brutzma, MBoe provides audio ad video across the Iteret, IEEE Tras. Comput., vol. 27, Apr 1994, pp. 30 36. [7] R. Atkiso, Security architecture for the Iteret protocol, RFC 1825, Aug. 1995. [8] G. H. Chiou ad W. T. Che, Secure broadcastig usig the secure lock, IEEE Tras. Software Eg., vol. 15, Aug. 1989, pp. 929 934. [9] S. Setia, S. Koussih, ad S. Jajodia, Kroos: A Scalable Group Rekeyig Approach for Secure Multicast, Proc. IEEE Symp. Security ad Privacy, 2000. [10] D. Baleso, D. A. McGrew, ad A. T. Sherma, Key Establishmet i Large Dyamic Groups Usig Oe-Way Fuctio Trees ad Amortized Iitializatio, Iteret Draft, 1999. [11] Migya Li, R. Poovedra ad C. Berestei, Desig of Secure Multicast Key Maagemet Schemes With Commuicatio Budget Costrait, IEEE Commuicatios Letters, vol. 6, o. 3, Mar. 2002, pp. 108-110.

[12] M.J. Moyer, J.R. Rao, ad P. Rohatgi, Maitaiig Balaced Key Trees for Secure Multicast, Iteret Research Task Force (IRTF), Iteret draft, draft-irtf-smug-key-tree-balace-00.txt, Jue 1999. [13] Li, Yag, Gouda, ad Lam, Batch Rekeyig for Secure Group Commuicatios, ACM SIGCOMM 2001, Sa Diego, August 2001. [14] H. Harey ad C. Muckehir, Group Key Maagemet Protocol (GKMP) Specificatio, IETF, RFC 2093, July 1997. [15] W. Ng ad Z. Su, Multi-Layers LKH, Proc. IEEE It l Cof. Comm. (ICC), May 2005. [16] M. J. Mihaljevi c, Recofigurable key maagemet for broadcast ecryptio, IEEE Commu. Lett., vol. 8, July 2004, pp. 440-442. [17] X. B. Zhag, S. S. Lam, D.-Y. Lee, ad Y. R. Yag, Protocol desig for scalable ad reliable group rekeyig, i Proc. SPIE Cof. Scalability ad Traffic Cotrol i IP Networks, vol. 4526, Dever, CO, Aug. 2001, pp. 87 108. [18] A.T. Sherma ad D.A. McGrew, Key establishmet i large dyamic groups usig oe-way fuctio trees, IEEE Trasactios o Software Egieerig, vol. 29 (5), Ju 2005, pp. 444 458. [19] Joe Prathap P M ad Vasudeva V, Revised Two Phase Batch Rekeyig with Balaced Key Tree Maagemet for Secure Multicast Commuicatios, Iteratioal Joural of Computer Sciece ad Network Security (IJCSNS), vol. 8, No.4, April 2008, pp. 232-242. [20] S.M Ghaem ad H. Abdel-Wahab, A secure group key maagemet framework: desig ad rekey issues Computers ad Commuicatio, Proceedigs. Eight IEEE Iteratioal Symposium (ISCC 2003), vol.2, July 2003, pp.797 802. (IJCSIS) Iteratioal Joural of Computer Sciece ad Iformatio Security, AUTHORS PROFILE Joe Prathap P M received the B.E. ad M.E. degree i Computer Sciece & Egieerig from Aa Uiversity i 2003 ad 2005. He is curretly pursuig Ph.D degree i Faculty of Iformatio ad Commuicatio Egieerig departmet, Aa Uiversity, Idia. He is curretly a seior lecturer at Kalasaligam Uiversity. His fields of iterest are Computer Networks, Network Security, Operatig Systems ad Graph Theory. He has more tha 10 publicatios to his credit i iteratioal jourals ad cofereces. He is a member of ISTE, Idia. Dr. V Vasudeva is presetly workig as Seior Professor ad Head, Departmet of Iformatio Techology at Arulmigu Kalasaligam College of Egieerig, KrishaKoil, Tamiladu. He is also servig as the Project Director (Network techologies) i TIFAC CORE i Network Egieerig at A.K.College of Egieerig. He has completed his Ph.D degree from Madurai Kamaraj Uiversity, i 199. He has more tha 25 years of experiece i teachig ad research. He has guided more tha 50 M.E./M.Tech. projects,10 M.Phil.Thesis ad 7 Ph.D. Thesis. His fields of iterests are Network Egieerig, Multicast Security, Grid Computig ad Evolutioary computig. He has more tha 50 publicatios to his credit i iteratioal jourals ad cofereces. He has visited may uiversities i UK. He is a member of ISTE, Idia.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback