
Trust Group Communication

Trust Group Communication. Team Challenger, Feb 1st 2005. Secure Trust Group Communication Review. Paper reference: Towards Flexible Credential Verification in Mobile Ad-hoc Networks, Keoh et al., POMC 2002. Aims: trust assertion.


Presentation Transcript


  1. Trust Group Communication Team Challenger Feb 1st 2005

  2. Secure Trust Group Communication Review
     • Paper Reference
       • Towards Flexible Credential Verification in Mobile Ad-hoc Networks. Keoh et al., POMC 2002
     • Aims
       • Trust assertion
     Each user maintains a key ring which comprises the list of the public keys trusted to sign assertion statements.

  3. Key Management
     • Secure channel to expand trust group
     • Public and private key pair: RSA
     • Broadcast to trust group
     • Symmetric key: DES
     (Diagram: the message is sent as KB+(m, KA(m)); key labels KA, KB+, KB, KA+; plaintext m on both sides.)

  4. Trust group problems:
     • Trust Transitivity
     • Broadcast among trust group
     • How to ensure secure communication in trust group
     (Diagram labels: Senior member, Junior member.)

  5. Key Ring Design
     (Diagram: Trust: Junior, temporary trust; Senior, permanent trust. Session Key: generate new session key; grant session key. M2MI: return omnihandle; return multihandle.)

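  6. Key Ring Features M2MI

     ```java
     /**
      * Return omnihandle
      *
      * @param receivedTrustObject the TrustObject to export
      */
     public Trust getAllhandle(TrustObject receivedTrustObject) {
         // Export the object so it can receive calls made on the Trust interface
         M2MI.export(receivedTrustObject, Trust.class);
         // An omnihandle addresses every exported object that implements Trust
         Trust allPersons = (Trust) M2MI.getOmnihandle(Trust.class);
         return allPersons;
     }
     ```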

  7. Key Ring Features M2MI (continued)

     ```java
     /**
      * Return a multihandle
      */
     public Trust getMyTrustMultihandle() {
         // Get a multihandle
         Trust myTrust = (Trust) M2MI.getMultihandle(Trust.class);
         // Search my trust container
         for (int i = 0; i < allMyTrust.size(); i++) {
             TrustIdentifier temp = (TrustIdentifier) allMyTrust.elementAt(i);
             TrustObject to = new TrustObject(temp);
             // Attach TrustObject
             myTrust.attach(to);
         }
         return myTrust;
     }
     ```

  8. Key Ring features synchronization

     ```java
     /**
      * @param ti identifier of the junior member
      * @param l  lease length in seconds
      */
     public void setJuniorTrust(TrustIdentifier ti, long l) {
         long lease = 1000 * l; // Timer delays are in milliseconds
         Long Llease = Long.valueOf(lease);
         // Guard the junior collection against concurrent updates
         synchronized (hTrustJunior) {
             hTrustJunior.put(ti, Llease);
             // Execute lease timeout
             tmr = new Timer();
             tmr.schedule(new timeoutTask(hTrustJunior, ti), lease);
             System.out.println("Added to Junior Collection");
         }
     }
     ```

  9. Why Session Key?
     • Enhance security
     • Fights the man-in-the-middle attack
     • Updates periodically and when a member leaves
     • Multiple algorithms are harder to break
     • Achieve trust group function
     • Save time

  10. Key Ring Session Key
      • Update Session Key
        • Once a member leaves, is blacklisted or is removed, generate a new Session Key (an array of 16 keys)
        • Forward for encryption
        • Backward for decryption
      • Grant Session Key
        • Upon request, look up the KeyRing; the password is the RSAPublicKey
        • If false, deny grantSessionKey; if true, grantSessionKey
      • Broadcast sender: encrypt, send
      • Broadcast receiver: receive, request decryption key, decrypt

  11. DES
      (Diagram: 56 bit key; initial permutation; two 28 bit key halves, each rotated; Round 1 through Round 16 computing Li-1 xor f(Ri-1, Ki); 48 bit round key; final permutation.)

  12. Improvement and Extension
      • Key Ring – trusted identifier
      • Junior member time out
      • Session key update
        • If a member is blacklisted
        • If a member leaves
        • If a member is removed
      • Grant Session key check
        • Password is public key
      • Blacklist – malicious identifier

  13. Completed Tasks
      • Trust
      • Encrypt/Decrypt/Verify Certificate
      • Manage Key Ring and Black List
      • Key Ring
      • Black List
      • RSAfactory
      • DESfactory

  14. What is next?
      • Visualization
      • Monitor
      • Simulator

  15. Risk Analysis
      • Monitor
        • We recently decided to have a GUI
      • Simulation
        • Currently, simulation is among a limited number of users with low complexity
      • Automation
        • Currently, simulation is operated manually through command-line input

  16. Schedule
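
The key ring rules from slides 8, 10 and 12 (junior lease timeout, blacklist, grant check, session key update when a member leaves), as an added Java sketch that is not the team's code. Class and method names are hypothetical, a String identifier stands in for a member's RSA public key, and treating an expired junior lease as a leave that triggers a key update is an assumption.

```java
import java.security.SecureRandom;
import java.util.*;

// Added sketch: names are hypothetical; a String id stands in for a member's RSA public key.
public class KeyRingSketch {
    private final Set<String> seniors = new HashSet<>();        // permanent trust
    private final Map<String, Long> juniors = new HashMap<>();  // id -> lease expiry (ms)
    private final Set<String> blacklist = new HashSet<>();      // malicious identifiers
    private final SecureRandom rng = new SecureRandom();
    private byte[] sessionKey = newKey();

    // 8 random bytes, the size of a DES key
    private byte[] newKey() { byte[] k = new byte[8]; rng.nextBytes(k); return k; }

    public synchronized void addSenior(String id) { seniors.add(id); }

    public synchronized void addJunior(String id, long leaseSeconds, long nowMs) {
        juniors.put(id, nowMs + 1000 * leaseSeconds);
    }

    // Member leaves, is removed or is blacklisted: drop it, then rotate the session key.
    public synchronized void remove(String id, boolean malicious) {
        boolean wasMember = seniors.remove(id) | (juniors.remove(id) != null);
        if (malicious) blacklist.add(id);
        if (wasMember) sessionKey = newKey();
    }

    // Grant check: only a non-blacklisted member with a live lease gets the key.
    public synchronized Optional<byte[]> grantSessionKey(String id, long nowMs) {
        if (blacklist.contains(id)) return Optional.empty();
        Long expiry = juniors.get(id);
        if (expiry != null && expiry <= nowMs) {   // lease ran out: treat as a leave
            remove(id, false);
            return Optional.empty();
        }
        if (!seniors.contains(id) && expiry == null) return Optional.empty();
        return Optional.of(sessionKey.clone());
    }

    public static void main(String[] args) {
        KeyRingSketch ring = new KeyRingSketch();
        ring.addSenior("alice-pub");               // constructed sample identifiers
        ring.addJunior("bob-pub", 60, 0);          // 60 second lease starting at t = 0
        byte[] before = ring.grantSessionKey("bob-pub", 1_000).get();
        System.out.println("stranger granted: " + ring.grantSessionKey("eve-pub", 1_000).isPresent());
        System.out.println("bob after lease:  " + ring.grantSessionKey("bob-pub", 61_000).isPresent());
        byte[] after = ring.grantSessionKey("alice-pub", 61_000).get();
        System.out.println("key rotated:      " + !Arrays.equals(before, after));
    }
}
```

Passing the clock in as `nowMs` keeps the lease check deterministic; a former junior who kept the old key cannot read traffic encrypted after the rotation.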
