![Page 1: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/1.jpg)
Security
Kim Soo Jin
![Page 2: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/2.jpg)
2
Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions
![Page 3: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/3.jpg)
3
Background(1/3) Cryptosystem
Secret key system (Private key system)
A B
Encryption
Decryption
![Page 4: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/4.jpg)
4
Background(2/3) Multicasting
Key server
Host – Individual Key
Group multicasting
![Page 5: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/5.jpg)
5
Background(3/3) Multicasting
Key server
Host – ”Group Key”* Secure group communication *
Group multicasting
![Page 6: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/6.jpg)
6
Introduction(1/2) If assuming the network infrastructure is
insecure : Non-members can eavesdrop on the multicast
group and store encrypted messages The members who have left the group can
continue to decrypt messages New members can decrypt messages they
had stored previously Need the “Group re-keying”
during each membership change
![Page 7: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/7.jpg)
7
Introduction(2/2) Point-to-point Point-to-multipoint
Scalability problem of key management
This paper’s algorithm Does not require router support Completely end-host based
![Page 8: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/8.jpg)
8
Secure Multicast using Clustering Member hierarchy for Key
distributionThe procedure terminates when there is only a single member in any layer
Cluster [ABC]
Cluster [DEJF]
Cluster [GHI]
Cluster [CEH]
![Page 9: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/9.jpg)
9
Secure Multicast using Clustering Layer Keys and Cluster Keys :
Layer key Possessed by the group members in that
specific layer Generated, on-demand, by a key-server
Cluster key The leader of each cluster is responsible for
generating the cluster key for that cluster A pair-wise key is shared between the
cluster-leader and each member
![Page 10: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/10.jpg)
10
Secure Multicast using Clustering Key Distribution Protocol (Example
1) Assuming the cluster size : 3~5Multicast to all members in L1
encrypted by L1 layer key
![Page 11: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/11.jpg)
11
Secure Multicast using Clustering Key Distribution Protocol (Example
2)
![Page 12: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/12.jpg)
12
Example 2 cont.
![Page 13: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/13.jpg)
13
Secure Multicast using Clustering Key Distribution Protocol (Example
2)
![Page 14: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/14.jpg)
14
Spatial Clustering Clustering algorithm
Member discovery protocol Clustering protocol
![Page 15: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/15.jpg)
15
Spatial clustering Member discovery protocol
Defines parent-child relationships among the different members of the multicast tree
Focus on network layer multicast scheme that creates shared bi-directional trees (e.g.CBT)
d(x,y): distance between the members x and y, in router hops, then,y is considered to be parent of x, if and only if- d(S,y) d(S,x) (where, S is source)- z that satisfy d(y,x) d(z,x)
![Page 16: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/16.jpg)
16
Spatial Clustering Member discovery protocol (Cont.)
1234
5
34
![Page 17: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/17.jpg)
17
Spatial Clustering Clustering protocol
To create the clusters, the tree is logically traversed from the leaves upwards to the root.Whenever a set of members that fall within the size bounds is detected,they are grouped into a cluster.
: subtree rooted at some node v, which cannot be joined to any cluster rooted at v, and has to be joined to a cluster that is rooted at a node upstream of node v
Unstable subtree
v
Cv Cluster size : k~2k
3k/2 + 3k/4 = 9k/4 > 2k
![Page 18: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/18.jpg)
18
Spatial Clustering Clustering protocol (Cont.)
![Page 19: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/19.jpg)
19
Simulation Experiment Experiment setup
Simulated network infrastructures that do support directed multicast
→ sender can multicast a packet to individual subtree(s) rooted at a specific router on the multicast delivery tree
do not support directed multicast→ using a different multicast address→ Instead, using TTL-scoping : scoped multicast
![Page 20: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/20.jpg)
20
Simulation Experiment Experimental methodology
Key-normalized byte count The network overhead for re-keying at a
single router assuming unit(1 byte) key size Packet load
A counter of the # of packets processed by the routers on the multicast tree
Storage and Processing Overhead The # of keys stored at each node and
the # of cryptographic operation at each node
![Page 21: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/21.jpg)
21
Simulation Experiment
Spatial-i : i different multicast addresses → a simple decentralized address assignment scheme : each cluster picks one multicast address at random, independent of each other
Spill over
![Page 22: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/22.jpg)
22
Simulation Experiment
<Impact of batched updates>
<using multiple multicast addresses>
![Page 23: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/23.jpg)
23
Simulation Experiment
![Page 24: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/24.jpg)
24
Conclusions This paper’s algorithm
Does not require router support Completely end-host based
efficient in practice Directed multicast is an useful
primitive for implementing many secure multicast schemes
![Page 25: Security Kim Soo Jin. 2 Contents Background Introduction Secure multicast using clustering Spatial Clustering Simulation Experiment Conclusions](https://reader035.vdocuments.mx/reader035/viewer/2022062317/5a4d1b4e7f8b9ab0599a6794/html5/thumbnails/25.jpg)
25
References Suman Banerjee, Bobby Bhattacharjee,Scalable
Secure Group Communication over IP Multicast
I. Chang, R. Engel, D. Kandlur, D. Pendarakis, and D. Saha, Key management for secure internet multicast using boolean function minimization techniques. In Proceedings of Infocom, New York, March 1999
C.K. Wong, M. Gouda, and S. Lam. Secure group communications using key graphs. Proceedings of SIGCOMM, September 1998