J.-H. Cho, I.-R. Chen, M. Eltoweissy ACM/Springer Wireless Networks, 2007 Presented by: Mwaffaq Otoom CS5214 – Spring © 2007 On optimal batch re-keying for secure group communications in wireless networks


J.-H. Cho, I.-R. Chen, M. Eltoweissy

ACM/Springer Wireless Networks, 2007

Presented by: Mwaffaq Otoom
CS5214 – Spring © 2007

On optimal batch re-keying for secure group communications in wireless networks


Agenda

• Introduction
• Contributions
• System model and assumptions
• Threshold-based batch re-keying
• Performance model
• Numerical results and analysis
• Conclusions
• Future work


Introduction

• Cost-effective secure group communication
  – Symmetric key - group key
• Dynamic group
  – Forward secrecy
  – Backward secrecy
• Re-keying
  – Individual re-keying
  – Periodic batch re-keying


Contributions

• Develops new threshold-based batch rekeying schemes.

• Identifies an optimal rekey interval for each scheme that would minimize the communication cost per join/leave operation while satisfying secrecy and delay constraints.

• Measures performance metrics for finding an optimal batch rekey interval using SPN models.


System Model & Assumptions

• Central key distribution server.
  – Key tree based on LKH, why?
• Inter-arrival times of join and leave requests are exponentially distributed with rates λ and µ, respectively, why?
• A user cannot join the group unless it is authorized by the server.
  – Trusted/un-trusted join/leave.


Threshold-based periodic batch rekeying

• The behavior of periodic batch rekeying schemes can be described by a state machine with a 3-component state representation (a, b, c)
  – a: number of trusted join requests
  – b: number of trusted leave requests
  – c: number of untrusted leave requests


Threshold-based periodic batch rekeying

• Threshold-based batch rekeying schemes:
  – Untrusted Leave Threshold-based (ULT)
  – Trusted and Untrusted Double Threshold-based (TAUDT)
  – Join and Leave Double Threshold-based (JALDT)


Threshold-based periodic batch rekeying

• Probability of trustworthiness (Pt) is given in all three schemes.

• Only untrusted leave requests need to be considered by the key server.


Threshold-based periodic batch rekeying

• Application-specific constraints:
  – Pv: probability of (forward) secrecy violation
  – D: delay incurred due to periodic batch rekeying


Threshold-based periodic batch rekeying

• The key server applies the following procedure when performing a rekeying operation at the end of each batch interval:
  – if a > b+c, then the server will process b+c join-leave request pairs before processing a – (b+c) join requests;
  – if a = b+c, then the server will process b+c join-leave request pairs;
  – if a < b+c, then the server will process a join-leave
• A new join member can take the place of a leave member in the key tree.
  – The server only needs to generate new keys along the paths of the leave members and give the new keys to the new join member.
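The pairing procedure above, worked through on a key tree as an added example (not code from the paper or the slides). It assumes a complete binary LKH tree stored with heap indices, spare slots for joins when a > b+c, that unpaired leave slots are simply vacated when a < b+c (the slide text for that case is cut off), and a cost model of one ciphertext of J bits per occupied child of each refreshed key; the function names are hypothetical.

```python
J_BITS = 64  # key length J from the slides

def path_to_root(leaf, n_leaves):
    """Heap indices of the key nodes above a leaf (leaves sit at n_leaves + leaf)."""
    node = (n_leaves + leaf) // 2
    while node >= 1:
        yield node
        node //= 2

def batch_rekey(n_leaves, members, joins, leaves):
    """Apply one batch of `joins` join requests and the leaving slots `leaves`.

    Returns (new_members, refreshed_key_nodes, ciphertext_count).
    """
    members, leaves = set(members), sorted(set(leaves))
    if not set(leaves) <= members:
        raise ValueError("a leave request names a slot that is not a member")
    members -= set(leaves)
    pairs = min(joins, len(leaves))
    slots = leaves[:pairs]                    # join-leave pairs: reuse vacated slots
    free = [s for s in range(n_leaves) if s not in members and s not in leaves]
    if joins - pairs > len(free):
        raise ValueError("key tree has no spare slot for the extra joins")
    slots += free[:joins - pairs]             # a > b+c: remaining joins take free slots
    members |= set(slots)                     # a < b+c: unpaired slots stay empty (assumption)
    touched = set(leaves) | set(slots)
    occupied = {n_leaves + m for m in members}
    for m in members:
        occupied.update(path_to_root(m, n_leaves))
    refreshed = set()
    for leaf in touched:                      # forward/backward secrecy: refresh each path
        refreshed.update(path_to_root(leaf, n_leaves))
    refreshed &= occupied                     # keys nobody holds need no refresh
    # Assumed cost model: one ciphertext of the new key per occupied child.
    ciphertexts = sum(c in occupied for k in refreshed for c in (2 * k, 2 * k + 1))
    return members, refreshed, ciphertexts

def individual_rekey_ciphertexts(n_leaves, members, leaves):
    """Cost of the same leaves handled one at a time, each replaced by one join."""
    total, current = 0, set(members)
    for leaf in leaves:
        current, _, cost = batch_rekey(n_leaves, current, 1, [leaf])
        total += cost
    return total

if __name__ == "__main__":
    group = range(1024)                       # N = 1024 from the slides
    leavers = [0, 1, 2, 3, 512]               # constructed sample batch
    _, keys, batch = batch_rekey(1024, group, len(leavers), leavers)
    single = individual_rekey_ciphertexts(1024, group, leavers)
    print(f"batch: {len(keys)} keys, {batch * J_BITS} bits; one-by-one: {single * J_BITS} bits")
```

Leavers that share ancestors in the tree are where the batch saves most, because each shared key is refreshed once instead of once per request.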


Performance model

• Notation


Performance model (ULT)

• The average batch rekey interval in ULT (T)

• For ULT, the state of the system representation at the end of each batch rekeying interval


Performance model (ULT)

• The total communication overhead bits (Cm) in ULT

• Average communication overhead delay for batch rekey (Scm)


Performance model (ULT)

• Average communication overhead delay per join/leave (S) in ULT

• Average probability of secrecy violation (Pv) in ULT

• The delay per join/leave operation (D) in ULT


Performance Model

• For TAUDT and JALDT, there are too many states, so an SPN model is developed to measure the performance metrics.


Performance Model

• Average communication overhead delay per join/leave (S):

• Average probability of secrecy violation (Pv):


Performance Model

• The delay per join/leave operation (D):


Numerical results and analysis

• Constants:
  – Number of members in the group (N) is set to 1024
  – The length of each key (J) is 64 bits
  – Average overhead for broadcasting (Tb) is 5 msec
  – Network bandwidth (BW) is 1 Mbps
• Variables:
  – Ratio of the arrival rate of join requests to the arrival rate of leave requests (λ : µ)
  – Probability of trustworthiness (Pt)


Conclusions

• An optimal rekeying interval (T) exists under each of these schemes

• By varying the Pv and (λ : µ), TAUDT is able to produce the minimum S and the maximum T.

• As Pt increases, minimum S decreases and T increases.

• As µ increases, minimum S increases and optimal T decreases


Future work

• Analyzing the effects of insider attacks and intrusion detection system design on the security and performance properties of group communications in wireless systems.
• Add reliability and availability to the SPN model.
• Investigating the issue of optimal batch rekeying for the case in which a group consists of multiple subgroups.


Questions

Thank you