Professional Documents
Culture Documents
Literature Survey: General
Literature Survey: General
General
According to Lee.P.P.C.et al.(2009) evaluated several distributed collaborative key
agreernent protocols for dynamic peer groups.T his problem has several important
characteristics which make it different from traditional secure group communication..
Instead of performing individual re-key operations,i.e.,recomputing the group key after
every join or leave request, an interval based approach of rekeying. In particular,
consider three distributed algorithms for updating the group key( 1) the Rebuild
algorithm, (2) the Batch algorithm, and (3) the Queue batch algorithm. We analyze the
performance of these distributed algorithm under different settings, including different
population sizes and different job leave probabilities.These three distributed algorithms
significantly outperform the individual rekey algorithm, and that the Queue-batch
algorithm performs the best among the three distributed algorithms. Moreover; the
Queue-batch algorithm has the intrinsic property of balancing the workload such that the
dynamic peer group can quickly begin secure group communication.
Secure group communication
According to Dharavath.R .et al.(2011) secure group communication is an increasingly
popular research area having received much attention in recent years. Group key
management is a fundamental building block for secure group communication systems.
This paper introduces a new family of protocols addressing cluster based
communication, and distributed group key agreement for secure group communication in
dynamic peer groups. In this scheme, group members can be divided into sub groups
called clusters. We propose three cluster based communication protocols with tree-based
group key management. The protocols (1) provides the communication within the cluster
by generating common group key within the cluster, (2) provides communication
between the clusters by generating common group key between the clusters and (3)
provides the communication among all clusters by generating common group key among
the all clusters. In our approach group key will be updated for each session or when a
user joins or leaves the cluster. More over we use Certificate Authority which guarantees
key authentication, and protects our protocol from all types of attacks.
Cluster group key or cluster common key is shared by all the cluster members and
communicates with it. The authentication is provided by certificate authority by issuing
the public key certificate and location identification number, LID prior to the time of
joining in the cluster or group.
Group key agreement
Ingle.R and Sivakumar.G (2007) documented the secure group communication requires
a group key management mechanism to perform.Various group key management
protocols address this issue.Contributory group key agreement protocols are preferred
over other key management protocols.Whenever a new member joins or leaves the group
the group key agreement protocol should remain secure. The applications of group key
agreement can be grouped into following different classes peer groups of long running
servers, conferencing, one-to-many broadcast, distributed logging and mobile state
transfer. Users may have different join and leave behavior.Uncertainty of user behavior
makes the key agreement algorithm costly. Inorder to obtain an efficient protocol one
would need different model
Computation technique
Aparna.r and Amberkar.B.B(2008) documented with the growth of Internet, many
applications are based on a group communication model where members of the group
would like to communicate among themselves over a public channel securely. To carry
out the group communication confidentially over a public channel, a group key is
required. In this paper we propose a new group key computation technique for secure
group communication. The scheme is based on contributory key agreement
approach,allows the users to verify the consistency of the shares used for computing the
group key, and is applicable to dynamic groups. The paper also addresses periodic group
re keying.
Secret share
According to Cao.C.J and Ma.J.F(2008) group key management is one of the basic
building blocks in securing group communication. A number of solutions to group key
exchange have been proposed, but most of them are not scalable and require a number of
rounds linear in the number of group members. We formally present a constant-round
Identity-based protocol with forward secrecy for group key exchange, which is provably
secure in the security model introduced by Bresson et al. Our protocol focuses on round
efficiency and the number of communication round is only two. And, the protocol
provides a batch verification technique, which simultaneously verifies the validity of
messages from other group participants and greatly improves computational efficiency.
Moreover, in our protocol, it is no necessary of always-online key generation center
during the execution of the protocol compared to other Identity-based protocols.
Optimization
Cho.J.H..et al(2005)secure group communication has become an important network
issue as more emerging network applications now are based on a group communication
model.In a dynamic network, a group membership can be changed dynamically. That is,
new members can join and current members can leave at any time. Instead of individual
rekeying, i.e., performing a rekey right after each join or leave request is received,
periodic batch rekeying has been proposed to alleviate rekeying overhead in resource
constrained wireless networks. The issue of how often rekey operations should be
performed, however, has not been addressed. In this paper, we develop a Stochastic
PetriNet (SPN) model to identify the optimal batch rekey interval to minimize periodic
rekey overhead while satisfying application-specific constraints in rekey delay and
secrecy violation. We develop three new threshold-based schemes,demonstrate the
optimal rekey intervals for these three schemes, and identify the best scheme that should
be adopted for periodic batch rekeying to minimize rekey overhead, when given a set of
parameter values characterizing the operational and environmental conditions.
Most network applications are based upon the client–server paradigm and make use of
unicast (or point-to-point) packet delivery. Many emerging applications,on the other
hand, are based upon a group communications model. In particular, they require packet
delivery from one or more authorized sender(s) to a large number of authorized
receivers. In the Internet, multicast has been used successfully to provide an efficient,
best effort delivery service to large groups. We envision that deployment of network
applications requiring group communications will accelerate in coming years. As a
result, securing group communications,i.e., providing confidentiality, authenticity, and
integrity of
messages delivered between group members, will become a critical networking issue in
the near future.
For a group of members, distributing the group key securely to all members requires
messages encrypted with individual keys (a computation cost proportional to group
size ). Each such message may be sent separately via uni cast. Alternatively, the
messages may be sent as a combined message to all group members via multicast. Either
way, there is a communication cost proportional to group size (measured in terms of the
number of messages or the size of the combined message).
Observe that for a point-to-point session, the costs of session establishment and key
distribution are incurred just once, at the beginning of the session. A group session, on
the other hand, may persist for a relatively long time with members joining and leaving
the session. Consequently, the group key should be changed frequently. To achieve a
high level of security, the group key should be changed after every join and leave so that
a former group member has no access to current communications and a new member has
no access to previous communications.
Diffe.H(1986) development of computer controlled communication net- multiple access
cipher. A private conversation can therefore be works promises effortless and
inexpensive contact between pro- held between any two individuals regardless of
whether they pile or computers on opposite sides of the world, replacing most have ever
communicated before. Each one sends messages to mail and many excursions with
telecommunications. For many the other enciphered in the receiver public enciphering
key applications these contacts must be made secure against both and deciphers the
messages he receives using his own secret eavesdropping and the injection of
illegitimate messages. At deciphering key. present, however, the solution of security
problems lags well We propose some techniques for developing public key crypt behind
other areas of communications technology. Contemporary systems, but the problem is
still largely open cryptography is unable to meet the requirements, in that Public key
distribution systems offer a different approach to its use would impose such severe
inconveniences on the system eliminating the need for a secure key distribution channel.
In users, as to eliminate many of the benefits of teleprocessing. such a system, two users
who wish to exchange a key The best known cryptographic problem is that of privacy
back and forth until they arrive a key in common.
Many emerging Internet applications (e.g., real-time information services, pay per view,
distributed interactive simulations, multi-party games) are based on a secure group
communications model. In this model, authorized members of a group share a symmetric
group key that is used to encrypt group communications. To provide forward and
backward confidentiality [21], the shared group key is changed on each membership
change and securely redistributed to the existing members of the group. This is referred
to as group rekeying. For large groups with frequent membership changes, the costs of
rekeying the group can be quite substantial. The straightforward approach under which a
new group key is generated on each membership change, encrypted individually and
transmitted to each existing group member is not scalable since the costs of this
approach increase linearly with the size of the group. Scalable rekeying is therefore an
important and challenging problem that needs to be addressed in order to support secure
communications for large and dynamic groups.
The idea of batched key retransmission (BKR) is also based on the special properties of
the rekey transport payload. In a conventional receiver-initiated reliable multicast
protocol, when a sender receives NACKs for packets from specific receivers, it responds
by retransmitting the corresponding packets to the group. In the case of a reliable key
delivery protocol, a packet will typically contain several keys most of which are not
needed by a specific receiver. Instead of re-sending the whole packet to the group, our
protocol determines the keys that are needed by the receivers who responded with
NACKs to the initial multicast, packs these keys into new packets (again using the WKA
algorithm) and multicasts them to the group. In performance evaluation, we find that for
most scenarios, WKA-BKR has lower bandwidth overhead in comparison to previously
proposed protocols. The difference in bandwidth overhead is significant – up to 26%
lower than FEC-based protocols and up to 60% lower than simpler replication based
protocols for the default scenario considered in our performance study. WKA-BKR is
also less sensitive to changes in network loss conditions than proactive FEC-based
protocols, and outperforms these protocols over a wide range of group sizes and
membership dynamics. Finally, based on insights provided by our results, propose
modifications that can lead to improved performance for group rekey transport protocols
based on proactive FEC.
Sunghyuck Hong and Noe Lopez-Benitez(2003) documented ─Group communication is
becoming increasingly popular in Internet applications such as videoconferences, online
chatting programs, games, and gambling. For secure communications, the integrity of
messages, member authentication, and confidentiality must be provided among group
members. To maintain message integrity, all group members use the Group Key (GK)
for encrypting and decrypting messages while providing enough security
to protect against passive attacks. Tree-based Group Diffie-Hellman (TGDH) is an
efficient group key agreement protocol to generate the GK. TGDH assumes all members
have an equal computing power. One of the characteristics of distributed computing and
grid environments is heterogeneity; the member can be at a workstation, a laptop or even
a mobile computer. Member reordering in the TDGH protocol could potentially lead to
an improved protocol; such reordering should capture the
heterogeneity of the network as well as latency. This research investigates dynamic
reordering mechanisms to consider not only the overhead involved but also the
scalability of the proposed protocol.
The Group Diffie-Hellman (GDH) key agreement protocol iis an extension to the Diffie-
Hellman (DH)
key exchange protocol. The GK computation is an important component of group key
management in securing group communication; several efforts to enhance the group key
computational process have been reported in which every member must contribute in
the computation of the GK. Therefore, group key management focuses on minimizing
computational overhead due to its inherent expensive cryptographic operations . Because
of the complexity of the GK computation, the group key management adopts a key tree
structure that reduces computational times. Key trees have been suggested in the past for
centralized group key distribution systems to reduce the complexity of the key
calculation . One such group key computational protocol is the Tree-based Group Diffie-
Hellman TGDH.
According to Bartee.T.C(1985) there are two basic types of key establishment :In key
agreement protocols ,neither party knows the key in advance;it is determined as a result
of their interaction.In key distribution protocol ,one party has decided on a key and
transmits it to the other party.Diffie-Hellman key exchange is an example of key
agreement.In any key establishment protocol,authentication and intruder-in the middle
attacks are security concerns.Pre-authentication and another solution involves employing
a server that will handle the task of securely giving keys to two entities wishing to
communicate.
A dynamic communication group in which members are located in a distributed fashion.
Extending the Diffie-Hellman key exchange protocol to more than two members in the
communication group. The membership of the communication group is dynamic so that
members can leave and new members can join the group at any time. The contributions
of our work are: The key agreement protocol is distributed in nature and does not require
a centralized key server. The key agreement protocol is contributive - each member
contributes its part to the overall group key. We illustrate that instead of performing
individual rekeying operations, one can use an interval-based approach to significantly
reduce the computation and communication costs of maintaining the group key. We
propose three distributed interval-based rekey protocols and carry out qualitative and
simulation-based analyses to illustrate their performance merits.