360 likes | 368 Views
Explore a secure group communication system using a hierarchical region-based model to manage group keys effectively in mobile wireless applications. The study introduces a performance model to optimize region sizes and key management costs, ensuring forward and backward secrecy. Testing results and analysis provide insights into system reliability and security.
E N D
Performance Char’ of Region-Based Group Key Management --- in Mobile Ad Hoc Networks ---by Ing-Ray Chen, Jin-Hee Cho and Ding-Chau Wang Presented by Amrinder Singh and Hao Liang March 5, 2006
Agenda • Introduction • System Model • Performance Model • Testing Results and Analysis • Conclusions
Introduction • Secure group communication in mobile wireless applications • Encryption key within group • Major considerations are backward and forward secrecy • Normally, large group size causes large overheads
Introduction • 2-part hierarchical model which preserves reliability and security • Break group into region based sub-groups • Communication between sub-groups in response to membership change • Determine optimal regional size.
System Model • Important key management cost is the region size. • Different keys used depending on the communication. • KR • KLR • KG = MAC (KLR, c)
System Model (continued) • In addition to various keys, there exist various membership views • Regional View (RV) • Leader View (LV) • Group View (GV) • Forward and backward secrecy maintained as group key changed on every group join or leave event
System Model (continued) • Key Independence : Passive adversary who knows subset of group keys cannot discover any other key. • Ensured by using MAC with 2 inputs • Various events can be described depending on motion of members
Group Join • New member beacons “hello” message • Received by leader by forward from member or directly • Update regional membership • New regional key generated • Regional view of all sub-group members updated along with regional key.
Group Join (continued) • The join informed to all leaders and group view changed in all group members • New group key generated • This new group key distributed ay all leaders among its members
Group Leave • Member notifies regional leader • Leader updates regional view and generates new key. • This information sent to all members. • The leader informs other leaders. • Group key generated • The group key and view updated.
Group Leave by a leader • All previous operations need to be performed. • In addition new leader is elected. • New leader key is generated by all leaders using contributory key agreement (CKA) protocol • Leader View is updated • The new group key is generated using the new leader key.
Boundary Crossing • For non-leader member • Regional views and regional key for both sub-groups need to be updated. • Group view and group key remains the same • For leader member • There is a leadership change • New leader in departing region elected • New leader key generated
Member disconnection • Member may disconnect voluntarily or non- voluntarily • Mobile host periodically sends “I-am-alive” beacon • If member disconnection detected, group leave event is triggered
Leader election • Reasons for leader election • Group leave • Boundary crossing • Leader disconnection • Member with smallest id announces itself as new leader • Regional view is updated accordingly
Performance Model • Performance model developed to find optimal region size • A hexagonal coverage model is used • Number of regions calculated using 3n2+3n+1
Performance model (contd) • PRM : Probability that member moves across a boundary once a move is made • PRM=(Total no. of edges - edges of region) Total no. of edges
Regional Mobility • Original mobility rate for single large region is σ • σn defines regional mobility rate, i.e. how often a regional boundary crossing event occurs σn = (2n+1) σ PRM (n) • Average population of sub-group Nr (n) = λp X A/ R (n)
Performance Metrics • Based on total communication cost per unit time in response to group key management events • This can be broken down to 3 components • Regional mobility cost • Group join/leave cost • Periodic beaconing cost
Regional mobility cost (Cmobility) • Cost associated with mobility-induced regional boundary crossing events • Two cases • boundary crossing by leaders • Boundary crossing by non-leaders Λm: aggregate regional mobility
Cmobility (contd) Probability of a non-leader crossing bounds cost incurred for rekeying and updating the regional view
Cost for Group Join/Leave: Cjoin/leave • Cost associated with group join and leave ΛJ: aggregate join rate for all members ΛL: aggregate leave rate for all members
Cjoin/leave (contd) • Group join will trigger view update and key update on the region level and the group level, therefore
Cjoin/leave (contd) • Group leave includes two scenarios: • Non-leader member leaves • Leader leaves
Cost for Beaconing • Cost of periodic beaconing • Intra-regional beaconing to maintain region view • Inter-regional beaconing to maintain leader view ΛRB: aggregate beacon rates at the intra-regional level ΛLB: aggregate beacon rates at the inter-regional level Malive: number of bits in a beacon message
Numerical Example • Illustrate tradeoff: group key management vs. regional size • Demonstrate variables that affects overall cost • Find optional region size that minimizes overall cost
Numerical Example (contd) • Proposed region-based group key management protocol • Group Diffie-Hellman (GDH) performance model • Baseline: traditional non-region-based group key management protocol • One region to host all group members
Parameterization ΛJ: aggregate join rate ΛL: aggregate leave rate PG: prob member in G PNG: prob member in NG N: Number of nodes in a group
GDH.3 Protocol m: number of node v: intermediate value size • Total cost used to parameterize the cost for rekeying a regional key and the cost for rekeying the leader key
Numerical Analysis Optimal n=3 for the top 3 curves; 4 for the last 3 curves
Analyzing n • Regional size = 3n2+3n+1 • n affects • Number of regions, population density • Inter-regional overhead • Updating and rekeying cost at the leader level • Intra-regional overhead • Updating and rekeying cost at the regional level • Regional mobility • System favors fewer regions as σ increases
Population Density (contd) • As λp increases: • Total cost increases • Optimal n shifts to the right • Both attributed by intra-regional cost • Overall cost converges at high n • Inter-regional cost dominates
Conclusion and Future Work • Proposed and analyzed a scalable and efficient region-based secure group key management protocol • Discovered an optimal regional size that minimize the overall network communication cost • Lacks ability to deal with insider attacks and intrusion detection