Date post: | 21-Jan-2016 |
Category: |
Documents |
Upload: | barnaby-hubbard |
View: | 215 times |
Download: | 0 times |
1
Performance Optimization of Region-Based Group Key Management in Mobile Ad Hoc
Networks- Presentation by Scott Stewart, Arun Sudhir, and Morgan Yeh -
Authors include Jin-Hee Cho, Ing-Ray Chen, Ding-Chau Wang
2
Overview
Introduction Related Work and Information Terminology and Background Performance Model and Analysis Example at Work Summary and Conclusion
Introduction
Security Information transferNode integrity
CommunicationsNode interactions
Wireless / MobileReliability
Introduction
PKI – Public Key Infrastructure Confidentiality Integrity
Message integrity Authentication (not authorization) Non-repudiation
The ability to prevent a user from refuting their self-identity or transaction
Rekeying To change the value of a cryptographic key that is being used in
an application of a cryptographic system
Introduction
Mobile Ad Hoc Network (MANET)Rapidly deployable, but …Constrained resources (CPU, memory,
battery, bandwidth)Unreliable communicationFrequent network topology changes due to
node mobility
Introduction
Group key group members share a secret key
Backward secrecy Group key rekeyed New members cannot decrypt previous messages
Forward secrecy Group key rekeyed Members leaving cannot decrypt future
communications
Introduction
Group key management protocolAn algorithm that deals with the distribution,
updating, and revocation of group keysSome sort of certificate management system
ProblemMany existing group key management
protocols do not consider node mobility
Introduction
Proposal Region-based group key management protocol
Decentralized control reduce group key management overhead Make protocol scalable to large number of nodes in a group
Focus Security for mobility-induced events (group
partitioning/merging) Optimal setting to maximize performance of system Show that region-based outperforms non-region-
based protocols
Related Work and Information
Group key management Centralized
Uses key controller for key management tasks Not suitable for MANETs
Decentralized Divides a group into subgroups
Distributed No group key controller for group key management Contributory group key generation by all members
Related Work and Information
IGKMP (Hardjono et al. and Zhang et al.) Intra-domain Group Key Management Protocol Suitable for wired networks, not MANETs
HYDRA (Rafaeli et al.) Decentralized Based on use of multiple groups controllers in a region
DEP (Dondeti et al.) Dual Encryption Protocol Decentralized Multiple subgroup controllers
Related Work and Information
Existing works Considers hierarchical clustering for grouping nodes
into clusters Scalability Efficiency
Two-layer hierarchical key management structure (Rhee et al.)
Secure communications, used by UAVs Many other researches, but many lack
maximized system performance identifiers and proofs
Related Work and Information
Assumptions Nodes are equipped with GPS Nodes self-organize and group themselves into
region-based subgroups Saves energy by avoiding executing clustering algorithms
Derivation Based off of IGKMP Adopt distributed key management within each region
Robustness, avoid singling out a particular node to act as key controller
Related Work and Information
Distributed key management research GDH
Group Diffie-Hellman Octopus (Becker and Wille)
Based on DH (Diffie-Hellman) key exchange protocol LKH
Logical Key Hierarchy DLKH (Rodeh et al.)
Distributed LKH DOFT
Distributed One-way Function Tree Many known research incur high communication overheads
Related Work and Information
Goals Robustness without sacrificing efficiency Utilize any known distributed key management
schemes Identify the optimal region size to minimize network
traffic incurred by key management operations and mobility-induced events in MANETs
Optimal region size determined by GDH To be shown …
Terminology and Background
Terminology and Background
KG Group key KRL Leader key KRi Regional key in region i RVi Regional view in region i LV Leader view GV Group view RLi A leader in region i RMi,j A member j in region i
Terminology and Background
Terminology and Background
Bootstrapping Key management View management Rekeying protocol
Terminology and Background
Group member join Group member leave Group member leave by a leader member Boundary crossing by a non-leader member Boundary crossing by a leader member Group member disconnection and reconnection Leader election Group partition Group merge
Terminology and Background
Terminology and Background
System model Nodes are randomly
distributed according to a homogeneous spatial Poisson process
Density = λ p
Operational area = A = Π r ^ 2 Average number of nodes = N
= ( λ p ) A
Rate of joining a group = λ Rate of leaving a group = μ Probabilities
Node in any group = λ / (λ+μ) Node not in any group = μ /
(λ+μ)
Terminology and Background
System model R(n) = 3n^2 + 3n + 1 n = 3, 37 regions n = 2, 19 regions n = 1, 7 regions Total number of
regional boundary edges = 6*R(n)
Total number of outward boundary edges = 12n+6
Terminology and Background
System model Mobility rate of a
node, where there is only one region = σ
σn = (2n + 1) σ PRM (n)
Terminology and Background
Security modelSecrecy (non-repudiation), confidentiality,
integrity, and authenticationGroup key secrecyForward/backward secrecyKey independence
Terminology and Background
Attack modelUnauthorized access to legitimate accountModify a data package to break data integrity Impersonating a group memberForge packets
Performance Model and Analysis Developed to evaluate network traffic cost Goal is to identify optimal region size
minimizing network traffic Derive a formula given a set of basic
parameter values Cost metric is total network traffic per time
unit
Performance Model and Analysis - Total network traffic per time unit
Incurred in response to group key management events Group merge/partition cost – Cost per time unit for dealing with
group partitioning and merging events Re-keying the group key Updating the group view
Regional mobility cost – Network response to mobility-induced regional boundary crossing events
Group join/leave cost – Cost for handling group join or leave events Includes cost caused by connection/disconnection events by group
members Periodic Beaconing Cost – Maintaining view consistency by all
members through periodic beaconing “I am alive”, “I-am-a-new-leader”
Performance Model and Analysis - State
Magnitude of cost depends on number of groups Find average cost for the system in steady-state
probabilities for number of groups Birth-death process used Each state i represents i partitioned groups with
merging and partitioning rates
Cost for group merging and partitioning Ĉmp,i
Cost for group partition - Ĉpartition,i
Product of group-partitioning rate (λnp,i) and cost per group partitioning event (Cnp,i)
Cnp,i covers 4 costs – Defined later Cintra is cost for intra-region re-key & view update (explained later) Cinter,i is cost for inter-region re-key & leader view update (later) Cgroup,i is cost for group re-key and group view update (later)
is cost for a leader to change groups
is number of partitioned regions; r is radius of area; s is radius of region
Cost for group merge - Ĉmerge,i
Product of group-merging rate (μnm,i) and cost per group merging event (Cnm,i)
Cnm,i covers same 4 costs as Cnp,i
Only pertains to single merged group is number of merged regions, similar to
Final equation for group merge/partition
Cost for regional boundary crossing - Ĉmobility,i
Traffic cost per time unit due to a regional boundary event
while the system has i groups Two factors: Leader & Non-Leader Mobility
Λm is the aggregate regional mobility by nodes in the
system, given by σn × N
Cost for non-leader regional boundary crossing -
Pnonleader is probability of a node being non-leader
Pnonleader = (N – Nleader)/N N is total number of nodes in system
Nleader is total number of leaders in system
Cintra is cost for intra-region re-key & view update
is cost for updating a regional view
is cost for re-keying a regional key Hregion is number of hops within a region; s is radius of region; R is wireless per-hop radio range
Cost for leader regional boundary crossing
Pleader is probability of a node being leader
Pleader = R(n)/N R(n) is the total number of regions in the system N is total number of nodes in system
Cinter,i is cost for inter-region communications
is cost for updating the leader view in a group
is cost for re-keying the leader key in a group Hleader,i is number of hops among leaders
Radius of group approximated by r/√i
Cost for leader regional boundary crossing
Composed of four costs
Outgoing leader broadcasts two intent-to-leave messages to
regional members and other leaders Incoming leader broadcast two “I-am-a-new-leader” messages to
its regional members and other leaders
Final equation for cost of regional boundary crossing
Cost for group join/leave - Ĉjoin/leave,i
Ĉjoin/leave,i = ΛJ × Cjoin,i + ΛL × Cleave,i
Cjoin,i is group join cost for i groups
Cleave,i is group leave cost for i groups
ΛJ and ΛL aggregate join/leave rates
Cost for group join - Ĉjoin,i
Regional update and group update
Ĉjoin,i = Cintra + Cgroup,i
Cintra is cost for intra-region re-key & view update
is number of bits required in a broadcast messages for updating the group view for the leaders
is number of bits for updating the group view for members in a region
is number of bits for re-keying the group key for members in a region
Nregion, i is the number of regions in a group: R(n)/i
Cost for group leave - Ĉleave,i
Non-member leave and member-leave
Pleader & Pnon-leader are probabilities of a node being a leader or non-leader
Cintra is cost for intra-region re-key & view update Cinter,i is cost for inter-region re-key & leader view update is cost for a leader to change groups
Cost for beaconing - Ĉbeacon,i
Includes cost in two levels Intra-regional among region members for region view Inter-regional among leaders for leader view
Ĉbeacon,i = [ΛRB × Malive × Hregion] + [ΛLB × Malive × Hleader,i]
Malive is number of bits in beacon message
Hregion is number of hops between a regional leader and a regional
member
Hleader,i is number of hops among leaders in a group when there are
i groups
Cost for beaconing - Ĉbeacon,i
Ĉbeacon,i = [ΛRB × Malive × Hregion] + [ΛLB × Malive × Hleader,i]
ΛRB is overall beacon rate in the system by all members
at the intra-regional level
ΛLB is overall beacon rate in the system by all leaders at
the inter-regional level
Obtained my multiplying beaconing intervals (TRB, TLB) by
the number of members and leaders, respectively
Region-based key agreement protocol: Region-based key agreement protocol: An exampleAn example
GDH.3
- fixed size messages
- constant number of exponentiation operations by each participant
- ideally suited for mobile devices with low computational capabilities
Parameterizing intra-regional communication cost based on GDH.3Parameterizing intra-regional communication cost based on GDH.3
Consider a region:
Each participant shares a common base α and keeps its secret share Ni.
Stage 1: Upflow: Collect contributions from M1 to M
m-1
Contribution to C rekey
: 1 * v ( N region
– 2 )intra members
Parameterizing intra-regional communication cost based on GDH.3Parameterizing intra-regional communication cost based on GDH.3
Contribution to C rekey
: H region
* vintra
Stage 2: Broadcast from Mm-1
Parameterizing intra-regional communication cost based on GDH.3Parameterizing intra-regional communication cost based on GDH.3
Stage 3: Unicasts from Mi
Contribution to C rekey
: Hregion
* v ( Nregion
– 1 )intra members
Parameterizing intra-regional communication cost based on GDH.3Parameterizing intra-regional communication cost based on GDH.3
Contribution to C rekey
: Hregion
* v ( Nregion
– 1 )intra members
Stage 4: Broadcast from Mm
Parameterizing intra-regional communication cost based on GDH.3Parameterizing intra-regional communication cost based on GDH.3
GDH: New member join scenario
M m+1
joins the group.
Stage 1: Unicast from Mm+1
Stage 2: Broadcast from Mm
In the event of a member leaving, only the above stage is executed.
If Mm leaves, M
m-1 distributes the subkeys.
Parameterizing inter-regional communication cost based on GDH.3Parameterizing inter-regional communication cost based on GDH.3
Stages are the same as in the regional case.
Assuming i groups, for any of the i groups, we have:
Stage 1:unicast
Contribution to C rekey,i
: Hleader
* v ( Nregion,i
– 2 )inter
Contribution to C rekey,i
: Hleader,i
* vinter
Contribution to C rekey,i
: Hleader,i
* v inter stage3(GDH)
Contribution to C rekey,i
: Hleader,i
* v ( Nregion,i
– 1 )inter
stage1(GDH)
Stage 2: broadcast
Stage 4: broadcast
Stage 3: unicast
Where..
Hleader,i
= r/ (R√i )
Hleader
= 2s / R
Hleader,i
=
stage1(GDH)
stage3(GDH)
Parameterizing the per-group merging/partitioning rates at state i.Parameterizing the per-group merging/partitioning rates at state i.
A simulation of the model is run.
Number of merging and partitioning events during time T are collected.
Si - Sojourn time that the system is in state i.
Nnm,i
– number of merging events when there are i groups
Nnp,i
– number of merging events when there are i groups
Merging rate: μnm,i
= Nnm,i
/ Si
Partitioning rate: λnm,i
= Nnp,i
/ Si
Simulation results – Group merging rateSimulation results – Group merging rate
Simulation results – Group partitioning rateSimulation results – Group partitioning rate
NUMERICAL ANALYSISNUMERICAL ANALYSIS
Overall cost (CˆOverall cost (Cˆtotaltotal) vs. number of regions (N) vs. number of regions (N
regionregion) as a function of mobility rate (σ)) as a function of mobility rate (σ)
Overall cost (COverall cost (Ctotaltotal) in no region vs. in 37 regions as a function of mobility rate (σ)) in no region vs. in 37 regions as a function of mobility rate (σ)
Breakdown of CˆBreakdown of Cˆmobilitymobility,Cˆ,Cˆ
join/leavejoin/leave,Cˆ,Cˆbeaconbeacon, and Cˆ, and Cˆ
mpmp vs. number of regions (N vs. number of regions (Nregionregion).).
CˆCˆmobilitymobility,Cˆ,Cˆ
join/leavejoin/leave,Cˆ,Cˆbeaconbeacon, and Cˆ, and Cˆ
mpmp under no region vs. under optimal region size. under no region vs. under optimal region size.
Overall cost (CˆOverall cost (Cˆtotaltotal) vs. number of regions (N) vs. number of regions (N
regionregion) as a function of node density (λ) as a function of node density (λpp).).
Overall cost (CˆOverall cost (Cˆtotaltotal) under no region vs. under optimal region size as a function of node density (λ) under no region vs. under optimal region size as a function of node density (λ
pp))
Overall cost (CˆOverall cost (Cˆtotaltotal) vs. number of regions N) vs. number of regions N
regionregion as a function of λ:μ as a function of λ:μ
λ:μ – Group join/ Group leave
Overall cost (CˆOverall cost (Cˆtotaltotal) under no region vs. under optimal region size as a function of ) under no region vs. under optimal region size as a function of λλ:μ:μ
λ:μ – Group join/ Group leave
SIMULATION USING SMPLSIMULATION USING SMPL
SIMULATION USING SMPLSIMULATION USING SMPL
Node lifecycle events: GROUP JOIN, GROUP LEAVE, BEACON, MOBILITYGROUP MERGE, GROUP PARTITION
Mobility is modeled by Random Waypoint Mobility (RWM)
S(σ) = 2r / expntl(1/σ) r – MANET area radius, expntl(1/σ) -random distribution with mean σ.
GROUP JOIN and GROUP LEAVE are assumed to be markovian with ratesλ and μ respectively. BEACONs are periodic
Batch Mean Analysis is used with 10 batches; each batch having 200,000 observations.
Results are obtained with 95% confidence and 10% accuracy level from the true mean. Also, the first 200 values of the first batch are discarded.
SIMULATION RESULT:SIMULATION RESULT:Overall cost (CˆOverall cost (Cˆ
totaltotal) vs. number of regions (N) vs. number of regions (Nregionregion) as a function of node density (λ) as a function of node density (λ
pp).).
SIMULATION vs ANALYSISSIMULATION vs ANALYSIS
Curves bear a very close resemblance
The slight difference is due to using RWM for mobility rates in simulation.
Also, the analysis uses mathematical equations while the simulation keeps track of each node's location to calculate the hops.
SUMMARYSUMMARY
A scalable and efficient region-based secure group key management protocol to support secure group communications in MANETs.
Reduces network communication costs, but also provides robust security properties.
The optimal region size minimises overall network traffic and is a trade-off betweenintra and inter regional overheads
Its also dependent on system parameters like node density, mobility rate and the group join and leave rates.
FUTURE WORKFUTURE WORK
Consider energy consumption issues
Consider insider attacks and intrusion detection
Questions or Comments?Questions or Comments?