Group Key Management: Theory and Key Technologies
|School||Xi'an University of Electronic Science and Technology|
|Keywords||Group Key Management Forward Secrecy Backward Secrecy Key Tree Key Matrix Key Updating Membership Event|
Since most group applications take place over the wide-open expanse of the Internet, it is necessary to prevent non-authorized users accessing group communication, so as to ensure the secure communication among the group members. The general method to achieve secure group communication is encrypting communication messages by a key shared among all group members. Since many group settings involve dynamic membership events, efficient and secure group key updating is a major concern. Group key management is an efficient way to update the group key in dynamic groups for it achieving low network transmission overheads and high user scalability.This thesis is concerned with the research on the theory and key technologies of group key management. Some relevant schemes are presented, including a group key management scheme for high-delay dynamic peer networks, a lazy group key updating scheme for cryptographic file systems by using the dynamic-tree and key regression, and a collusion-resistant group key management scheme for wireless sensor networks. Besides, we focused on the designs of extended weight-balanced key tree and hierarchy-matrix key structure for group key management.More precisely, the contribution of this thesis is fivefold:1. First, a secure, efficient and distributed group key management scheme is presented. It is based on the hierarchical key tree and multi-party key agreement. The related analyses on computation, storage and communication costs show that the ternary key tree is more applicable to group key management. Then, by blending the bilinear pairing based key agreement with ternary key tree, we present a group key management scheme for high-delay dynamic peer networks, which supports join, leave, merge and partition events. In the scheme, the number of rounds and messages are close to the lower bound of those for group key management, and the length of messages and computation costs are less than those of the existing schemes. Furthermore, this scheme provides strong forward secrecy, strong backward secrecy, key independence and statelessness.2. After discussing the relationship between the security against static adversary and the security against adaptive adversary in lazy group key updating systems, a lazy group key updating scheme GKUDT based on the dynamic-tree and key regression is presented. GKUDT, consisting of four algorithms Init, Update, Derive and Extract, can handle lazy key updating events with unbounded number of time intervals. In lazy join events and lazy leave events, GKUDT provides the forward secrecy and backward secrecy. We also prove that GKUDT is secure if the Large Integer Factoring problem is hard. The performance evaluation shows that the worst-case complexity of the cryptographic operations in the Extract algorithms is logarithmic in the number of time intervals, and those of Init, Update, Derive are constant.3. To achieve the secure group communication in wireless sensor networks (WSNs), an EBS-based group key management scheme is presented. First, the scheme simplifies the network topology by combining the chain-clusters and star-clusters. Next, to prevent the adversary uncover all the administrative keys by a few colluding sensors, it increases the number of sensors needed to capture WSNs. Then, the sensors’order in key combinations distribution is sorted through a coloring algorithm. Thereafter, the presented scheme distributes the administrative keys based on the hamming distance and EBS. Furthermore, the approaches handling the join event and leave event are described. Two experiments are performed to study the potential for collusions and the influence of number of compromised nodes on the ability against collusions. Simulation results demonstrate that the presented scheme boosts the WSNs’resilience to collusion attacks. The performance evaluations on the join event and leave event show that the number of key-updating messages and storage of sensors in the proposed scheme are fewer than those of the existing scheme.4. An extending weight-balanced tree (IKT tree) for group key managements is presented. By introducing a special path SP, the IKT tree does not cause adjustment-propagation after member adding or member leaving, and keeps the group rekeying holding logarithmic computation costs. The key updating costs in the worst case of IKT tree are fewer than those of the height-balanced tree and equal to those of the weight-balanced tree. The experiment results show that the IKT tree-based scheme reduce the communication overheads when compared to the existing schemes.5. A collusion-resistant system CRMS for group key management in dynamic groups is presented. CRMS is defined as the collection of subsets of group members, and the keys held by users in CRMS are organized in a hierarchical-matrix manner. By formalizing the security properties of group key management, we prove that the CRMS-based scheme satisfies the desired properties, such as group key secrecy, forward secrecy, backward secrecy and collusion freedom. Moreover, the relationships among the computation overhead in a leave event, the storage costs of members and the number of colluders in matrix-based group key management schemes are analyzed, and the suggestion of how to select the parameters in CRMS is given. The simulation results show that CRMS-based scheme has the advantage of performance over the existing ones.