KAIST

A Secure Group Key Management Scheme for Wireless Cellular Network

Hwayoung Um and Edward J. Delp, ITNG’06

2007. 9. 5Kim Pyung

A Secure Group Key Management Scheme for Wireless Cellular Network

Contents

IntroductionHandoff schemesLocation trackingPre-positioned secret sharingGroup key managementSimulation and resultConclusion

A Secure Group Key Management Scheme for Wireless Cellular Network

Introduction : Multicast protocols

Growths with multimedia streaming over wireless networksAccess control mechanismSession key(SK)

“forward message secrecy” and “backward message secrecy”

Tree-based key management schemesadvantages when update and maintain the SK(computation, communication, storage)

Performance issuesScalable

no “1 affects n”

Matching the key tree to the network topology reduces 33%~45% traffic

A Secure Group Key Management Scheme for Wireless Cellular Network

Introduction

The suggested scheme“The neighbors on the key tree are also physical neighbors”A pre-positioned secret sharing scheme

A Secure Group Key Management Scheme for Wireless Cellular Network

Handoff Schemes

Handoff schemes are based on the location of a userL_ADD : the beginning of handoffL_DROP : the termination of handoff

Soft handoff(30% handoff area)L_ADD : the boundary of overlapping areaL_DROP : the middle of two BSs

Hard handoffThe same with “joining after leaving”

A Secure Group Key Management Scheme for Wireless Cellular Network

Location Tracking

In Code Division Multiple Access(CDMA)The forward link transmission timing is synchronized within a μs(using self-synchronization, radio beacons, or GPS)The backward link transmission timing is based on the received timing derived from the first multipath component

A Secure Group Key Management Scheme for Wireless Cellular Network

Pre-Positioned Secret Sharing(PSS)

m-shares

Lagrange interpolation

Over the finite field GF(q)

a0 is the shared secret group key

A Secure Group Key Management Scheme for Wireless Cellular Network

Pre-Positioned Secret Sharing(PSS)

The pre-positioned sharessharei, 1≤i≤m, i≠j user group

The activation share(AS)sharej key server

Joining a group{s4-6}k4-5

AS, {s1-6,s4-6}k6

AS, {s1-6}k1-5

A Secure Group Key Management Scheme for Wireless Cellular Network

Group Key Management

M1 M3 M4

B1

G

M6

B2

M2 M5

Group manager

Subgroup managers

Users

s1-5 © AS k1-5

{s1-6}k1-5 s1-6

s1-5 s1-6

s4-5 s4-6

s1-6, s4-6, s6

s4-5 © AS k4-5

{s4-6}k4-5 s4-6

Leaving a group

AS, {s1-6}k1-5,{s4-6}k4-5

AS, {s1-5}k1-3

A Secure Group Key Management Scheme for Wireless Cellular Network

Group Key Management

M1 M3 M4

B1

G

M6

B2

M2 M5

Group manager

Subgroup managers

Users

s1-3 © AS k1-3

{s1-5}k1-3 s1-5

s1-6 s1-5 s4-6 s4-5

s1-6 s1-5

s4 © AS k4 | s5 © AS k5

{s4-5}k4 s4-5 | {s4-5}k5 s4-5

s4-5 © AS k4-5

{s1-5}k4-5 s1-5

Handoff

AS, {s5-6}k5,{s5-6}k6AS, {s1-4}k4

AS, {s1-4}k1-3

A Secure Group Key Management Scheme for Wireless Cellular Network

Group Key Management

M1 M3 M6

B1

G

M4

B2

M2 M5

Group manager

Subgroup managers

Users

s1-3 s1-4 s4-6 s5-6

s1-3 © AS k1-3

{s1-4}k1-3 s1-5

s4 © AS k4

{s1-4}k4 s1-4

s5 © AS k5 | s6 © AS k6

{s5-6}k5 s5-6 | {s5-6}k6 s5-6

{s1-6}k1-4, {s1-6}k5-6 ?

A Secure Group Key Management Scheme for Wireless Cellular Network

Cost Analysis

Tree-based scheme vs Pre-positioned secret sharingd : the degree of the treeh : the height of the tree ( the length of the longest directed path)The group key tree is assumed full and balanced

Comparison of TBC and PSS schemes : Storage cost

TBC PSS

# of keys held by server dn/(d-1) -

# of keys held by each member h -

# of share sets held by server - dn/(d-1)

# of share sets held by each member - h

Comparison of TBC and PSS schemes : Communication cost

Join Leave

A Secure Group Key Management Scheme for Wireless Cellular Network

Cost Analysis

TBC PSSJoin O(logd(n)) O(d logd(n)) and O(1)

Leave O(logd(n)) O(d logd(n)) and O(1)

Periodic rekeying O(d) O(1)

A Secure Group Key Management Scheme for Wireless Cellular Network

Cost Analysis

TBC computation cost

PSS computation cost

Server Requesting member

Non-requesting member

Join 2(h-1) h-1 d/(d-1)

Leave d(h-1) 0 d/(d-1)

Periodic rekeying d 1 1

Server Requesting member

Non-requesting member

Join 2(h-1) h-1 d/(d-1)

Leave d(h-1) 0 d/(d-1)

Periodic rekeying 0 0 0

A Secure Group Key Management Scheme for Wireless Cellular Network

Simulations and Results

Simulation Parameters

Parameter Value

# of MX 1

# of BS 16

# of MS Up to 100 per BS

Call generation Poisson with λ (calls/sec)

Call duration Exponential with 1/μ (1/sec)

User mobility 0-1 km/h (walking)2-5 km/h (running)6-25 km/h (low speed vehicle)25-100 km/h (high speed vehicle)

Cell radius 1 Km

Service Voice, Data, Video

L_ADD 30% of BS coverage area

L_DROP Boundary of BS

A Secure Group Key Management Scheme for Wireless Cellular Network

Simulations and Results

Number of key transaction 1 x (callgeneration) + 1 x (calltermination) + 2 x (# of Handoff)

No call admission control(CAC) Call admission control(CAC)

A Secure Group Key Management Scheme for Wireless Cellular Network

Conclusion

New schemethe neighbors on the key tree – physical neighborsPre-positioned secret sharing

Simulation3 - 8 handoff during a call durationNeed of call admission control

A Secure Group Key Management Scheme for Wireless Cellular Network

Time for

Any questions?

Thank you for listening !