skip to main content
10.1145/1102219.1102227acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article

Key distribution and update for secure inter-group multicast communication

Published: 07 November 2005 Publication History

Abstract

Group communication has become an important component in wireless networks. In this paper, we focus on the environments in which multiple groups coexist in the system, and both intra and inter group multicast traffic must be protected by secret keys. We propose a mechanism that integrates polynomials with flat tables to achieve personal key share distribution and efficient key refreshment during group changes. The proposed mechanism distributes keys via true broadcast. The contributions of the research include: (1) By switching from asymmetric algorithms to symmetric encryption methods, the proposed mechanism avoids heavy computation, and improves the processing efficiency of multicast traffic and the power usage at the wireless nodes. The group managers do not have to generate public-private key pairs when the group member changes. (2) It becomes more difficult for an attacker to impersonate another node since personal key shares are adopted. The additional storage overhead at the wireless nodes and the increased broadcast traffic during key refreshment are justified. In addition, we describe techniques to improve the robustness of the proposed mechanism under the complicated scenarios such as collusive attacks and batch group member changes.

References

[1]
S. Yi, P. Naldurg, and R. Kravets. Security-aware ad hoc routing for wireless networks. In Proc. of ACM International Symposium on Mobile Ad Hoc Networking & Computing, 299--302, 2001.
[2]
M. Waldvogel, G. Caronni, D. Sun, N. Weiler, and B. Plattner. The VersaKey Framework: Versatile group key management. IEEE JSAC Special issue on middleware, 17(9), 1614--1631, 1999.
[3]
I. Chang, R. Engel, D. Kandlur, D. Pendarakis, and D. Saha. Key management for secure internet multicast using boolean function minimization techniques. In IEEE INFOCOM, 689--698, 1999.
[4]
T. Hodes and R. Katz. Composable ad hoc location based services for heterogeneous mobile clients. Wireless Networks, 5(5):411--427, 1999.
[5]
J. Agre, A. Akinyemi, L. Ji, R. Masuoka, and P. Thakkar. A layered architecture for location based services in wireless ad hoc networks. In Proc. of IEEE Aerospace Conference, 2002.
[6]
H. Harney and C. Muckenhirn. Group Key Management Protocol (GKMP) Architecture. RFC 2094, 1999.
[7]
D. Wallner, E. Harder, and R. Agee. Key Management for Multicast: Issues and Architectures. RFC 2627, 1999.
[8]
C.K. Wong, M.G. Gouda, and S.S. Lam. Secure group communications using key graphs. IEEE/ACM Transactions on Networking, 8(1), 16--30, 2000.
[9]
D.A. McGrew and A.T. Sherman. Key establishment in large dynamic groups using oneway function trees. Tech. Rep. No. 0755, Network Associates, Inc., 1998.
[10]
R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor, and B. Pinkas. Multicast Security: A Taxonomy and Some Efficient Constructions. In IEEE INFOCOM, 708--716, 1999.
[11]
R. Canetti, T. Malkin, and K. Nissim. Efficient communication-storage tradeoffs for multicast encryption. In Advances in Cryptology -- EUROCRYPT, 459--474, 1999.
[12]
A. Perrig, D. Song, and J.D. Tygar. ELK, a new protocol for efficient large-group key distribution. In Proc. of IEEE Symposium on Security and Privacy, 2001.
[13]
S. Mittra. Iolus: A framework for scalable secure multicasting. In ACM SIGCOMM, 277--288, 1997.
[14]
L. Dondeti, S. Mukherjee, and A. Samal. Scalable secure one-to-many group communication using dual encryption. Computer Communications, 23(17), 1681--1701, 1999.
[15]
R. Molva and A. Pannetrat. Scalable multicast security in dynamic groups. In Proc. of ACM CCS, 101--112, 1999.
[16]
S. Rafaeli and D. Hutchison. Hydra: A decentralized group key management. In Proc. of IEEE International Enterprise Security Workshop, 2002.
[17]
B. Briscoe. MARKS: Multicast key management using arbitrarily revealed key sequences. In Proc. of International Workshop on Networked Group Communication, 1999.
[18]
S. Setia, S. Koussih, and S. Jajodia. Kronos: A scalable group re-keying approach for secure multicast. In Proc. of IEEE Symposium on Security and Privacy, 2000.
[19]
R. Pietro, L. Mancini, Y. Law, S. Etalle, and P. Havinga. LKHW: A Directed Diffusion-Based Secure Multicast Scheme for Wireless Sensor Networks. In Proc. of IEEE International Conference on Parallel Processing Workshops, 2003.
[20]
T. Kaya, G. Lin, G. Noubir, and A. Yilmaz. Secure multicast groups on ad hoc networks. In Proc. of ACM workshop on security of ad hoc and sensor networks, 94 -- 102, 2003.
[21]
L. Lazos and R. Poovendran. Location-Aware Secure Wireless Multicast in Ad-Hoc Networks under Heterogeneous Pathloss. Technical Report UWEETR-2003-0012, University of Washington, 2003.
[22]
L. Lazos and R. Poovendran. Energy-Aware Secure Multicast Communication in Ad-hoc Networks Using Geographic Location Information. In Proc. of IEEE International Conference on Acoustics Speech and Signal Processing, 2003.
[23]
S. Mäki, T. Aura, and M. Hietalahti. Robust Membership Management for Ad-hoc Groups. in Proc. of Nordic Workshop on Secure IT Systems, 2000.
[24]
A. Yasinsac, V. Thakur, S. Carter, and I. Cubukcu. A Family of Protocols for Group Key Generation in Ad Hoc Networks. In Proc. o IASTED International Conference on Communications and Computer Networks, 183--187, 2002.
[25]
B. DeCleene, L. Dondeti, S. Griffin, T. Hardjono, D. Kiwior, J. Kurose, D. Towsley, S. Vasudevan, and C. Zhang. Secure Group Communications for Wireless Networks. In IEEE MILCOM, 2001.
[26]
D. Bruschi and E. Rosti. Secure multicast in wireless networks of mobile hosts: protocols and issues. Mobile Networks and Applications, 7(6), 503--511, 2002.
[27]
M. Moharrum, R. Mukkamala, and M. Eltoweissy. CKDS: An Efficient Combinatorial Key Distribution Scheme for Wireless Ad-Hoc Networks. In Proc. of IEEE International Conference on Performance, Computing, and Communications, 631--636, 2004.
[28]
S. Zhu, S. Setia, S. Xu, and S. Jajodia. GKMPAN: An Efficient Group Rekeying Scheme for Secure Multicast in Ad-Hoc Networks. In Proc. of International Conference on Mobile and Ubiquitous Systems: Networking and Services, 42--51, 2004.
[29]
A. Shamir. How to share a secret. Communications of the ACM, 22, 612--613, 1979.
[30]
J. Staddon, S.Miner, M. Franklin, D. Balfanz, M. Malkin, and D. Dean. Self-Healing Key Distribution with Revocation. In Proc. of IEEE Symposium on Security and Privacy, 2002.
[31]
D. Liu, P. Ning, and K. Sun. Efficient self-healing group key distribution with revocation capability. In Proc. of ACM conference on Computer and communications security, 231--240, 2003.
[32]
D. Liu, P. Ning, and R. Li. Establishing Pairwise Keys in Distributed Sensor Networks. In ACM Transactions on Information and System Security, 8(1), 41--77, 2005.
[33]
S.M. More, M. Malkin, J. Staddon, and D. Balfanz. Sliding-window self-healing key distribution. In Proc. of ACM workshop on Survivable and self-regenerative systems, 82--90, 2003.
[34]
R. Pickholtz, D. Schilling, and L. Milstein. Theory of spread spectrum communications -- a tutorial. IEEE Trans. Comm., 1982.
[35]
V. Gupta, S. Krishnamurthy, and M. Faloutsos. Denial of service attacks at the MAC layer in wireless ad hoc networks. In Proc. of Milcom, 2002.
[36]
P. Bjorklund, P. Varbrand, and D. Yuan. Resource optimization of spatial TDMA in ad hoc radio networks: A column generation approach. In IEEE INFOCOM, 2003.
[37]
M. Steiner, G. Tsudik, and M. Waidner. Key Agreement in Dynamic Peer Groups. IEEE Transactions on Parallel and Distributed Systems, 11(8):769--780, 2000.
[38]
S.T. Redwine Jr. A Logic for the Exclusion Basis System. In Proc. of the Hawaii International Conference on System Sciences (HICSS), 2004.
[39]
L. Morales, I.H. Sudborough, M. Eltoweissy, and M.H. Heydari. Combinatorial Optimization of Multicast Key Management. In Proc. of the Hawaii International Conference on System Sciences, 2003.
[40]
B. Bhargava and Y. Zhong. Authorization Based on Evidence and Trust. In Proc. of Data Warehouse and Knowledge Management Conference (DaWak), 2002.
[41]
Y. Zhong. Formalization of Dynamic Trust and Uncertain Evidence for User Authorization. Ph.D. Thesis, Dept. of CS, Purdue University, 2005.
[42]
N. Potlapally, S. Ravi, A. Raghunathan, and N. Jha. Analyzing the energy consumption of security protocols. In Proc. of International symposium on Low power electronics and design, 30--35, 2003.
[43]
P. Ni and Z. Li. Energy Cost Analysis of IPSec on Handheld Devices. Microprocessors and Microsystems, special issue on Secure Computing Platform, 28(10), 585--594, 2004.
[44]
X. Chen and J. Wu. Multicasting techniques in mobile ad hoc networks. In The handbook of ad hoc wireless networks, 25--40, CRC Press, Inc., 2003.
[45]
L. Ji and M. Corson. Differential destination multicast - a MANET multicast routing protocol for small groups, In Proc. of IEEE INFOCOM, 2001.
[46]
L. Ji and M. Corson. Explicit multicasting for mobile ad hoc networks. In Mobile Networks and Applications, 8(5), 535--549, 2003.
[47]
K. Chen and K. Nahrstedt. Effective Location-Guided Tree Construction Algorithms for Small Group Multicast in MANET, In Proc. of IEEE INFOCOM, 1180--1189, 2002.
[48]
C. Gui and P. Mohapatra. Efficient Overlay Multicast for Mobile Ad Hoc Networks, In Proc. of IEEE Wireless Communications and Networking Conference (WCNC), 2003.
[49]
S. Vasudevan, B. DeCleene, N. Immerman, J. Kurose, and D. Towsley. Secure Leader Election Algorithms for Wireless Ad Hoc Networks. In Proc. of IEEE DARPA Information Survivability Conference and Exposition (DISCEX), 2003.

Cited By

View all
  • (2018)Fault-Tolerant and Scalable Key Management Protocol for IoT-Based Collaborative GroupsSecurity and Privacy in Communication Networks10.1007/978-3-319-78816-6_22(320-338)Online publication date: 25-Apr-2018
  • (2016)An Efficient Secure scheme for Wireless Sensor NetworksProceedings of the 9th International Conference on Security of Information and Networks10.1145/2947626.2947636(129-132)Online publication date: 20-Jul-2016
  • (2016)Cost-effective polynomial-based multicast–unicast key distribution framework for secure group communication in IPv6 multicast networksIET Information Security10.1049/iet-ifs.2015.039810:5(252-261)Online publication date: 1-Sep-2016
  • Show More Cited By

Index Terms

  1. Key distribution and update for secure inter-group multicast communication

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    SASN '05: Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks
    November 2005
    136 pages
    ISBN:1595932275
    DOI:10.1145/1102219
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 07 November 2005

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. inter-group communication
    2. key distribution and update
    3. security

    Qualifiers

    • Article

    Conference

    CCS05
    Sponsor:

    Upcoming Conference

    CCS '25

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)4
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 13 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2018)Fault-Tolerant and Scalable Key Management Protocol for IoT-Based Collaborative GroupsSecurity and Privacy in Communication Networks10.1007/978-3-319-78816-6_22(320-338)Online publication date: 25-Apr-2018
    • (2016)An Efficient Secure scheme for Wireless Sensor NetworksProceedings of the 9th International Conference on Security of Information and Networks10.1145/2947626.2947636(129-132)Online publication date: 20-Jul-2016
    • (2016)Cost-effective polynomial-based multicast–unicast key distribution framework for secure group communication in IPv6 multicast networksIET Information Security10.1049/iet-ifs.2015.039810:5(252-261)Online publication date: 1-Sep-2016
    • (2014) Inter cluster communication and rekeying technique for multicast security in mobile ad hoc networks IET Information Security10.1049/iet-ifs.2013.02178:4(234-239)Online publication date: Jul-2014
    • (2013)Polynomial-based key management for secure intra-group and inter-group communicationComputers & Mathematics with Applications10.1016/j.camwa.2012.02.00865:9(1300-1309)Online publication date: May-2013
    • (2012)Transmission-efficient group-key generation in large dynamic MANET environments2012 Third International Conference on Emerging Applications of Information Technology10.1109/EAIT.2012.6407965(355-360)Online publication date: Nov-2012
    • (2009)Power Management and Security in IEEE 802.15.4 ClustersMobile Telemedicine10.1201/9781420060478.ch13(237-263)Online publication date: 23-Nov-2009
    • (2008)Performance implications of periodic key exchanges and packet integrity overhead in an 802.15.4 beacon enabled clusterInternational Journal of Sensor Networks10.1504/IJSNET.2008.0164603:1(33-42)Online publication date: 1-Dec-2008
    • (2008)Secure communication for ad-hoc, federated groupsProceedings of the 7th symposium on Identity and trust on the Internet10.1145/1373290.1373298(48-58)Online publication date: 4-Mar-2008
    • (2008)Performance of IEEE 802.15.4 Clusters with Power Management and Key ExchangeJournal of Computer Science and Technology10.1007/s11390-008-9140-023:3(377-388)Online publication date: 2-Jun-2008
    • Show More Cited By

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media