
Presented by Amrinder Singh and Hao Liang March 5, 2006

Explore a secure group communication system using a hierarchical region-based model to manage group keys effectively in mobile wireless applications. The study introduces a performance model to optimize region sizes and key management costs, ensuring forward and backward secrecy. Testing results and analysis provide insights into system reliability and security.


Presentation Transcript


  1. Performance Char’ of Region-Based Group Key Management in Mobile Ad Hoc Networks, by Ing-Ray Chen, Jin-Hee Cho and Ding-Chau Wang. Presented by Amrinder Singh and Hao Liang, March 5, 2006

  2. Agenda • Introduction • System Model • Performance Model • Testing Results and Analysis • Conclusions

  3. Introduction • Secure group communication in mobile wireless applications • Encryption key within group • Major considerations are backward and forward secrecy • Normally, large group size causes large overheads

  4. Introduction • 2-part hierarchical model which preserves reliability and security • Break group into region based sub-groups • Communication between sub-groups in response to membership change • Determine optimal regional size.

  5. System Model

  6. System Model • Important key management cost is the region size. • Different keys used depending on the communication. • KR • KLR • KG = MAC (KLR, c)

  7. System Model (continued) • In addition to various keys, there exist various membership views • Regional View (RV) • Leader View (LV) • Group View (GV) • Forward and backward secrecy maintained as group key changed on every group join or leave event

  8. System Model (continued) • Key Independence : Passive adversary who knows subset of group keys cannot discover any other key. • Ensured by using MAC with 2 inputs • Various events can be described depending on motion of members

  9. Group Join • New member beacons “hello” message • Received by the leader, either directly or forwarded by a member • Update regional membership • New regional key generated • Regional view of all sub-group members updated along with regional key.

  10. Group Join (continued) • The join is announced to all leaders and the group view is changed in all group members • New group key generated • This new group key is distributed by each leader among its members

  11. Group Leave • Member notifies regional leader • Leader updates regional view and generates new key. • This information sent to all members. • The leader informs other leaders. • Group key generated • The group key and view updated.

  12. Group Leave by a leader • All previous operations need to be performed. • In addition new leader is elected. • New leader key is generated by all leaders using contributory key agreement (CKA) protocol • Leader View is updated • The new group key is generated using the new leader key.

  13. Boundary Crossing • For non-leader member • Regional views and regional key for both sub-groups need to be updated. • Group view and group key remains the same • For leader member • There is a leadership change • New leader in departing region elected • New leader key generated

  14. Member disconnection • Member may disconnect voluntarily or non-voluntarily • Mobile host periodically sends “I-am-alive” beacon • If member disconnection detected, group leave event is triggered

  15. Leader election • Reasons for leader election • Group leave • Boundary crossing • Leader disconnection • Member with smallest id announces itself as new leader • Regional view is updated accordingly

  16. Performance Model • Performance model developed to find optimal region size • A hexagonal coverage model is used • Number of regions calculated using 3n² + 3n + 1

  17. Performance model (contd) • P_RM: Probability that member moves across a boundary once a move is made • P_RM = (Total no. of edges − edges of region) / Total no. of edges

  18. Regional Mobility • Original mobility rate for single large region is σ • σ_n defines regional mobility rate, i.e. how often a regional boundary crossing event occurs: σ_n = (2n+1) σ P_RM(n) • Average population of sub-group: N_r(n) = λ_p × A / R(n)

  19. Performance Metrics • Based on total communication cost per unit time in response to group key management events • This can be broken down to 3 components • Regional mobility cost • Group join/leave cost • Periodic beaconing cost

  20. Regional mobility cost (Cmobility) • Cost associated with mobility-induced regional boundary crossing events • Two cases • boundary crossing by leaders • Boundary crossing by non-leaders Λm: aggregate regional mobility

  21. Cmobility (contd) Probability of a non-leader crossing bounds cost incurred for rekeying and updating the regional view

  22. Cost for Group Join/Leave: Cjoin/leave • Cost associated with group join and leave ΛJ: aggregate join rate for all members ΛL: aggregate leave rate for all members

  23. Cjoin/leave (contd) • Group join will trigger view update and key update on the region level and the group level, therefore

  24. Cjoin/leave (contd) • Group leave includes two scenarios: • Non-leader member leaves • Leader leaves

  25. Cost for Beaconing • Cost of periodic beaconing • Intra-regional beaconing to maintain region view • Inter-regional beaconing to maintain leader view ΛRB: aggregate beacon rates at the intra-regional level ΛLB: aggregate beacon rates at the inter-regional level Malive: number of bits in a beacon message

  26. Numerical Example • Illustrate tradeoff: group key management vs. regional size • Demonstrate variables that affect overall cost • Find optimal region size that minimizes overall cost

  27. Numerical Example (contd) • Proposed region-based group key management protocol • Group Diffie-Hellman (GDH) performance model • Baseline: traditional non-region-based group key management protocol • One region to host all group members

  28. Parameterization ΛJ: aggregate join rate ΛL: aggregate leave rate PG: prob member in G PNG: prob member in NG N: Number of nodes in a group

  29. GDH.3 Protocol m: number of nodes v: intermediate value size • Total cost used to parameterize the cost for rekeying a regional key and the cost for rekeying the leader key

  30. Numerical Analysis Optimal n=3 for the top 3 curves; 4 for the last 3 curves

  31. Analyzing n • Regional size = 3n² + 3n + 1 • n affects • Number of regions, population density • Inter-regional overhead • Updating and rekeying cost at the leader level • Intra-regional overhead • Updating and rekeying cost at the regional level • Regional mobility • System favors fewer regions as σ increases

  32. Cost Breakdown

  33. Analyzing Population Density

  34. Population Density (contd) • As λ_p increases: • Total cost increases • Optimal n shifts to the right • Both attributed to intra-regional cost • Overall cost converges at high n • Inter-regional cost dominates

  35. Conclusion and Future Work • Proposed and analyzed a scalable and efficient region-based secure group key management protocol • Discovered an optimal regional size that minimizes the overall network communication cost • Lacks ability to deal with insider attacks and intrusion detection

  36. Questions
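
Added example (not part of the original presentation or the paper's code): a small Python model of the rekeying rules on slides 6 to 13, showing which keys each event replaces. Assumptions: HMAC-SHA256 stands in for the slides' MAC, `c` is treated as a counter bumped on every group rekey, random bytes stand in for the CKA-derived leader key, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import os

def mac(key, c):
    # K_G = MAC(K_LR, c); HMAC-SHA256 is an assumed instantiation of the MAC
    return hmac.new(key, c.to_bytes(8, "big"), hashlib.sha256).digest()

class RegionGroup:
    def __init__(self, regions):
        self.rv = {r: set() for r in regions}            # regional views (RV)
        self.k_r = {r: os.urandom(32) for r in regions}  # regional keys K_R
        self.k_lr = os.urandom(32)  # leader key K_LR (CKA output in the slides)
        self.c = 0                  # assumed: counter input to the MAC
        self.k_g = mac(self.k_lr, self.c)

    def _rekey_group(self):
        self.c += 1
        self.k_g = mac(self.k_lr, self.c)

    def join(self, member, region):      # slides 9-10
        self.rv[region].add(member)
        self.k_r[region] = os.urandom(32)
        self._rekey_group()

    def leave(self, member, region):     # slide 11
        self.rv[region].discard(member)
        self.k_r[region] = os.urandom(32)
        self._rekey_group()

    def cross(self, member, src, dst):   # slide 13, non-leader member
        self.rv[src].discard(member)
        self.rv[dst].add(member)
        self.k_r[src] = os.urandom(32)
        self.k_r[dst] = os.urandom(32)   # group view and K_G stay the same

    def leader_change(self):             # slide 12: new K_LR, then new K_G
        self.k_lr = os.urandom(32)
        self._rekey_group()

    def keys(self):
        regional = {f"K_R[{r}]": k for r, k in self.k_r.items()}
        return {"K_G": self.k_g, "K_LR": self.k_lr, **regional}

def changed_keys(group, event, *args):
    """Apply one event and return the names of the keys it replaced."""
    before = group.keys()
    getattr(group, event)(*args)
    after = group.keys()
    return sorted(name for name in before if before[name] != after[name])

if __name__ == "__main__":
    g = RegionGroup(["A", "B"])
    for ev in [("join", "alice", "A"), ("cross", "alice", "A", "B"),
               ("leave", "alice", "B"), ("leader_change",)]:
        print(ev, "->", changed_keys(g, *ev))
```

Because every join or leave moves `c` forward, a departed member holding an old K_G cannot read later traffic, and a new member cannot derive earlier group keys without K_LR.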
