Your search keyword '"Group key"' showing total 87 results

1. A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment

Author

Ansuman Bhattacharya and Prasanta Kumar Roy

Subjects

Authentication, Cryptographic primitive, Application server, Computer science, business.industry, Mutual authentication, computer.software_genre, Theoretical Computer Science, Symmetric-key algorithm, Hardware and Architecture, Server, Key (cryptography), business, computer, Software, Information Systems, Computer network, Group key

Abstract

Use of Internet-of-Things (IoT)-based wireless applications has been exponentially increased nowadays and likely to accelerate in near future. Thus, a large volume of traffic needs to be managed at the application server. In such scenario, the traditional single-server architecture shows serious performance bottleneck and needs to be replaced by multiple servers. In addition, several security and design vulnerabilities may arise while accessing application data through various resource-constraint mobile devices. Thus, ensuring entity authentication, application data confidentiality and energy-efficient computations are essential. In this article, we introduce a group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment. The proposed protocol is designed using low-cost cryptographic primitives (such as hash function and symmetric key encryption/decryption) to address energy-efficiency requirements of the resource-constraint mobile devices. It reduces computational burden of the registration center by distributing the traffic load into a group of servers. Additionally, registration center needs not to maintain one-to-one communication with its users whenever a new server is added to the system. The protocol achieves various security and design properties which are verified both formally and informally. Finally, we compare our protocol with others to show its applicability in real-life implementations.

Published

2021

2. LIMAP: A Lightweight Multilayer Authentication Protocol for WBAN

Author

Amit Banerjee, Devanshi Chadha, Stavros Shiaeles, Anjali Vashisth, Purbasha Das, and S. Ananda Kumar

Subjects

Authentication, business.industry, Computer science, Hash function, Computer Science Applications, Software, Authentication protocol, Key (cryptography), Wireless, Electrical and Electronic Engineering, business, Protocol (object-oriented programming), Computer network, Group key

Abstract

Wireless Body Area Networks (WBANs) are emerging technologies used in the medicinal market for various applications. They connect sensors throughout the human body and hence possibly used to monitor health. However, one of the significant disadvantages of WBANs is notable security and protection problems that need rectification to protect critical data. In previous researches, WBANs have single-layer authentication protocols that are not compatible with their device design qualities, and malicious attackers can take advantage of this. For this purpose, this work has introduced a lightweight and multilayer authentication protocol for WBANs, which uses one-to-one group authentication and group key development algorithm with low software costs to communicate between personal digital assistants and sensor hubs. This model presents the Elliptical Curve Algorithm using Foci calculation, which provides low computing cost, high security, etc., that further integrates with the hash function. Finally, the security and implementation analysis reveal the stability and effectiveness of our convention. All key generations and validations used in our protocol implemented are for better performance and efficiency.

Published

2021

3. Cryptanalysis and Improvement in Multi-Party Quantum Key Distribution Protocol with New Bell States Encoding Mode

Author

Lung Chiu, Chun-Wei Yang, Jason Lin, and Chia Wei Tsai

Subjects

Bell state, Physics and Astronomy (miscellaneous), Computer science, business.industry, General Mathematics, Eavesdropping, Quantum key distribution, law.invention, Mode (computer interface), law, Key (cryptography), Cryptanalysis, business, Protocol (object-oriented programming), Group key, Computer network

Abstract

Ma et al. [Int. J. Theor. Phys. (2021): 1328–1338] proposed a multi-party quantum key distribution (MQKD) protocol using Bell states, in which multiple participants can distribute a group key efficiently. However, this study indicates that Ma et al.’s protocol has two security loopholes. First, an attacker can obtain the pre-shared key Ks using an eavesdropping attack. Second, the attacker uses an intercept-and-resend attack to steal the group key shared among the participants without being detected. An improved MQKD protocol is proposed to overcome these loopholes.

Published

2021

4. An efficient key agreement and authentication protocol for secure communication in industrial IoT applications

Author

Lazarus Jegatha Deborah and R. Vinoth

Subjects

Key-agreement protocol, General Computer Science, business.industry, Computer science, Node (networking), 020208 electrical & electronic engineering, 020206 networking & telecommunications, 02 engineering and technology, Secure communication, Authentication protocol, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Session key, business, Protocol (object-oriented programming), Group key, Computer network

Abstract

A most prominent and emerging technology namely the Internet of Things (IoT) enables legitimate users to access and monitor the sensors installed in various units of the industry. Such access and monitoring is facilitated using a secure authenticated key agreement (AKA) protocol. However, the complexity arises during the establishment of an effective session key agreement protocol to allow users to communicate securely with the sensors placed in the industrial IoT (IIoT). Few key agreement protocols existing in the literature have proved to perform the task effectively. Nevertheless, such protocols suffer from increased computation and communication cost. Hence, the motivation is to develop an efficient key agreement protocol that could over perform the existing protocols. Therefore, this research paper proposes an efficient key agreement protocol which is computationally and communication efficient. Moreover, the proposed key agreement protocol permits the users to securely communicate with the sensors. The proposed work focuses on twin dimensions. The first dimension is to reduce the computational complexity while sharing the mutual session key among the users and sensors. The second dimension focuses on decreasing the communicational cost. This is achieved by minimizing the amount of information communicated among the users and sensors. Subsequently, the proposed protocol is a hybrid methodology in which there are two working layers through which the session key is established. In the first layer, a mutual secret key is generated using a well-known elliptic curve cryptography (ECC) technique and this is shared among the users and the gateway node (GWN). In the second layer, the key generated in the above layer is used and the user initiates the key agreement process, wherein the GWN and sensors are generating a mutual session key using a group key. The simulated results of the proposed work clearly depicts the substantial reduction of computational and communicational complexities.

Published

2021

5. Group Based Dual Mode Key Management Scheme for Secure Communication in Vehicular Ad Hoc Networks

Author

Raghu Ramamoorthy and Menakadevi Thangavelu

Subjects

Service (business), Authentication, business.industry, Wireless ad hoc network, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Computer Science Applications, Public-key cryptography, Secure communication, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, Key management, Secure transmission, Computer network, Group key

Abstract

Vehicular ad hoc networks (VANETs) provide similar services at various service points, so selecting the efficient service among the available services is a crucial task. Similarly, accessing services to exchange time-critical messages demands secure schemes. In this work, an efficient group-based dual mode key management (G-DMKM) scheme is proposed to select efficient service and the secure route to access the service. In G-DMKM for each session, the base stations are grouped according to localization in a time window manner which restricts the key and group lifetime. The time-domain randomization technique is used to generate a group key for each group and is shared between all stations and vehicles. Vehicles are authenticated for communication based on group and private keys. The private key is generated by the base station under which the vehicle is located. In G-DMKM, the multi-attribute location selection approach (MALSA) computes the multi-attribute service fitness (MASF) for each service to select the optimal service from the available services. Furthermore, Secure Transmission Support (STS) estimates the STS value for each route identified towards the service point, and the route with the highest STS support is selected for secure access to the service and data transmission. Simulation results show that the inclusion of an STS-supported route improves G-DMKM efficiency in all aspects compared to the conditional privacy-preserving authentication (CPAS), Proxy Based Authentication Scheme (PBAS), and Secure Privacy-Preserving Authentication Scheme with Cuckoo Filter (SPACF).

Published

2021

6. Multi-Party Quantum Key Distribution Protocol with New Bell States Encoding Mode

Author

Chaonan Wang, Zexi Li, Xiyuan Ma, and Hongfeng Zhu

Subjects

Authentication, Bell state, Physics and Astronomy (miscellaneous), 010308 nuclear & particles physics, business.industry, Computer science, General Mathematics, Key distribution, Mutual authentication, Quantum key distribution, 01 natural sciences, Unitary state, 0103 physical sciences, Key (cryptography), 010306 general physics, business, Computer network, Group key

Abstract

Security, efficiency and universality are the major concerns in distributed computation for how to communicate securely as there are a large number of nodes that require interactive authentication. These become more challenging especially for the multi-party quantum environment as it is highly complicated and heterogeneous in nature. Hence, based on bell states and unitary operation, we propose a multi-party quantum group key distribution protocol. The initial two participants are generated by election algorithm to ensure the fairness among the participants in our protocol. Next, mutual authentication is provided by two Bell states of four orthogonal maximal states, and the group session key is obtained by combining unitary operation. The main innovations of this scheme are that the authenticated information with the group key is transmitted among the ordered participants, and the efficiency of our protocol is acceptable which the time complexity of QKD is $$ O\left(\left\lceil {\mathit{\log}}_2^N\right\rceil \right) $$ with the N-party. Through security analysis and efficiency analysis, the protocol can effectively resist internal attacks and external attacks, and has feasible efficiency.

Published

2021

7. Lightweight and flexible key distribution schemes for secure group communications

Author

Lein Harn, Zhe Xia, and Ching-Fang Hsu

Subjects

Flexibility (engineering), Cryptographic primitive, Computer Networks and Communications, business.industry, Computer science, Key distribution, 020302 automobile design & engineering, 020206 networking & telecommunications, 02 engineering and technology, 0203 mechanical engineering, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Wireless, Session key, Electrical and Electronic Engineering, business, Protocol (object-oriented programming), Information Systems, Computer network, Group key

Abstract

Key distribution is one of the most fundamental cryptographic primitives that can establish secure group communications in both centralized and distributed networks. A one-time session key is needed to be shared among all users to protect the exchanged messages. In traditional one-to-one communication, a one-time key is shared between two users. But in modern many-to-many communication, a group key is shared among multiple users. Lightweight group key distributions are especially attractive for wireless/mobile applications, since most mobile devices only have limited power in computation and communication. But most of the existing group key distributions need to execute complicate mathematical operations. In this paper, we first present a novel design of key distribution. The basic key distribution protocol requires only logic XOR operation. Then, we show the flexibility of our basic scheme by demonstrating its applications in various network models, including both centralized and distributed key distributions. All key distribution schemes proposed in this paper are lightweight since they only require logic XOR operations. Logic operation is the most efficient operation which is much faster than the other mathematical operations. Furthermore, all our proposed schemes are non-interactive and they require the least amount of communication.

Published

2020

8. RETRACTED ARTICLE: Architectural framework and simulation of quantum key optimization techniques in healthcare networks for data security

Author

Arun Mailerum Perumal and Edward Rajan Samuel Nadar

Subjects

Key generation, Photon, 020205 medical informatics, General Computer Science, Computer science, business.industry, Quantum simulator, Data security, 020206 networking & telecommunications, Eavesdropping, 02 engineering and technology, Quantum channel, Quantum key distribution, Encryption, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Key server, Key management, business, Quantum, Group key, Computer network

Abstract

Healthcare systems are heterogeneous by nature, where each device is running on different architectures, platform and operating system. This heterogeneity affects the communication performance in-terms of delay and security threats. An optimized quantum key management technique has been proposed for the purpose of managing the keys with little overhead, which enhances the health care information security by reducing the threats. And also the communication with the key authority is simulated with the quantum channel. The generated key is distributed via a dedicated quantum channel in terms of quantum bits which decreases the eavesdropping rate, transmission error, and leakage to maximum extent which improves the security further. Healthcare User group and content server communicate with the key server via a quantum channel sending them photons. Then they discuss results using a public channel. After getting an encryption key from the key server via the quantum channel, the content server can encrypt their healthcare content and send them by any public channel to the healthcare user groups. This proposed research work investigates group secret key generation problems for different types of Healthcare networks and also addresses the quantum key distribution which enhances the key security in healthcare networks. The analysis shows that the two algorithms yield optimal group key rates in healthcare networks. Numerical results are also provided to validate the performance of the proposed key generation, optimization and quantum distribution. The key generation, optimization and healthcare content encryption and decryption using those keys enhances the security of patient data and quantum simulation shows that about 90% of eavesdropping rate is reduced in healthcare network.

Published

2020

9. A group-key-based sensitive attribute protection in cloud storage using modified random Fibonacci cryptography

Author

S. Sangeetha and M. Sumathi

Subjects

020203 distributed computing, 021110 strategic, defence & security studies, Database, business.industry, Computer science, 0211 other engineering and technologies, Data security, Cloud computing, Cryptography, 02 engineering and technology, General Medicine, computer.software_genre, Encryption, Upload, Computer data storage, 0202 electrical engineering, electronic engineering, information engineering, business, computer, Cloud storage, Group key

Abstract

Cloud computing is an eminent technology for providing a data storage facility with efficient storage, maintenance, management and remote backups. Hence, user data are shifted from customary storage to cloud storage. In this transfer, the sensitive attributes are also shifted to cloud storage with high-end security. Current security techniques are processed with high encryption time and provide identical security of entire data with single key dependent. These processes are taking high computational time and leaks entire information if the key is hacked. The proposed Group Key Based Attribute Encryption using Modified Random Fibonacci Cryptographic (MRFC) technique rectifies these issues. Instead of machine learning technique, data owner preference-based attributes segregation is used to divide an input dataset into sensitive and non-sensitive attribute groups. Based on inter-organization usage and data owner’s willingness, sensitive attribute is divided into ‘n + 1′ subgroups and each subgroup is encrypted by ‘n + 1’ group keys. The encrypted sensitive subgroups are merged with non-sensitive attributes and uploaded into a private cloud. The novelties of this paper are, (1) data owner preferred sensitive attribute classification instead of machine learning algorithms, (2) sensitive attribute encryption instead of entire attributes, (3) To reduce encryption time without compromising data owner privacy, (4) To decrypt and access the required subgroup instead of the entire attribute. Our experimental results show that, the proposed method takes minimal processing time, better classification accuracy and minimal memory space with high security to selected attributes as compared to existing classification and security techniques. Hence, sensitive data security and privacy is achieved with minimal processing cost.

Published

2020

10. A practical key agreement scheme for videoconferencing

Author

Cengiz Togay

Subjects

Key generation, Computer Networks and Communications, business.industry, Computer science, computer.internet_protocol, 020207 software engineering, 02 engineering and technology, Encryption, Internet security, Key generator, Datagram Transport Layer Security, Symmetric-key algorithm, Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, Media Technology, Key (cryptography), Smart card, business, computer, Software, Key exchange, Group key, Computer network

Abstract

Recently, videoconferencing is becoming more and more pervasive as a consequence of new concerns about privacy and security. The media should be encrypted through the utilization of actual encryption algorithms and group key agreement schemes. In this study, a new key agreement scheme based on Java smart cards is proposed and applied on Web-based real-time communication (WebRTC)-based videoconferencing. In WebRTC, symmetric keys are generated using pseudorandom number generators and shared by two standard protocols, namely, Source Description RTCP Packet (SDES) and Datagram Transport Layer Security (DTLS), through a signaling server. In both methods, the key exchange is open to cryptanalytic attacks, and the administrator of the signaling server can compromise media. This qualitative study aims to investigate privacy during WebRTC-based videoconferencing with respect to symmetric encryption algorithm, randomness of the encryption key, overall security strength, key agreement scheme, and time required to start a conversation. Herein, a new key agreement scheme based on Java smart cards is proposed. The scheme utilizes AES-256 algorithm in GCM mode for media encryption. By means of this approach, the set-up time of a conference is reduced to 562 ms (compared to 1754 ms for the RSA-based approach) for 367 users, and the security strength is increased to 256-bit (as against 112-bit for RSA 2048-bit). A secure random key generator for smart cards is utilized for a key generation instead of pseudorandom number generators. The proposed approach also includes a safety mechanism for smart card failures. We utilize the AVISPA (The Automated Validation of Internet Security Protocols and Applications) tool to test the safety of the proposed scheme.

Published

2020

11. A Computationally Efficient and Scalable Key Management Scheme for Access Control of Media Delivery in Digital Pay-TV Systems

Author

Santosh Pandey, Vinod Kumar, and Rajendra Kumar

Subjects

Computer Networks and Communications, business.industry, Computer science, Key distribution, Access control, Keying, Conditional access, Hardware and Architecture, Scalability, Media Technology, The Internet, business, Key management, Software, Computer network, Group key

Abstract

In today’s Internet era, group communications in multimedia applications are becoming more and more popular. The issues of controlling illegal access to multimedia contents require efficient and secure mechanisms for distribution of common key called scrambling key or group key. In order to provide secure delivery of multimedia contents in digital pay-TV systems, a large number of keying information messages are exchanged for group key/scrambling key updates in the traditional key distribution schemes. In this paper we propose a Chinese Remainder Theorem (CRT) based key distribution protocol which is highly secure and computationally efficient. The proposed protocol, 1) has drastically reduced the computational complexity of Group Manager (GM) and members for updating the keys, 2) has greatly increased the security by using an additional secret parameter at Group Manager and members areas, 3) can efficiently handle large and dynamically updating groups and, 4) can update the group key in one message, without updating member’s key. With our proposed key distribution scheme, only legal members can access the multimedia contents correctly and the illegal access can be prevented. The proposed scheme is applicable in Conditional Access System (CAS) of digital pay-TV systems without increasing storage and communication overheads on GM and members. The comparative analysis of our proposed scheme with existing schemes in terms of computational cost assures the effectiveness of our scheme. As a proof of concept, we implement our scheme to a decentralized architecture-based key management system and demonstrate that the proposed scheme significantly reduces the computational complexity.

Published

2020

12. Hexagonal Clustered Trust Based Distributed Group Key Agreement Scheme in Mobile Ad Hoc Networks

Author

M. S. K. Manikandan and V. S. Janani

Subjects

Wireless ad hoc network, Computer science, business.industry, Network packet, 020206 networking & telecommunications, Public key infrastructure, 02 engineering and technology, Mobile ad hoc network, Cryptographic protocol, Computer Science Applications, Key authentication, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Session key, 020201 artificial intelligence & image processing, Network performance, Electrical and Electronic Engineering, business, Group key, Computer network

Abstract

Secure and efficient group communication among mobile nodes is one of the significant aspects in mobile ad hoc networks (MANETs). The group key management (GKM) is a well established cryptographic technique to authorise and to maintain group key in a multicast communication, through secured channels. In a secure group communication, a one-time session key is required to be shared between the participants by using distributed group key agreement (GKA) schemes. Due to the resource constraints of ad hoc networks, the security protocols should be communication efficient with less overhead as possible. The GKM solutions from various researches lacks in considering the mobility features of ad hoc networks. In this paper, we propose a hexagonal clustered one round distributed group key agreement scheme with trust (HT-DGKA) in a public key infrastructure based MANET environment. The proposed HT-DGKA scheme guarantees an access control with key authentication and secrecy. The performance of HT-DGKA is evaluated by simulation analysis in terms of key agreement time and overhead for different number of nodes. Simulation results reveal that the proposed scheme guarantees better performance to secure mobile ad hoc network. It is demonstrated that the proposed scheme possesses a maximum of 2250 ms of key agreement time for the higher node velocity of 25 m/s and lower key agreement overhead. Also, the HT-DGKA scheme outperforms the existing schemes in terms of successful message rate, packet delivery ratio, level of security, computation complexity, number of round, number of exponentiations and number of message sent and received that contribute to the network performance.

Published

2020

13. Cross-domain certificateless authenticated group key agreement protocol for 5G network slicings

Author

Xiangjun Li, Jiayu Wu, and Ming Luo

Subjects

business.industry, Computer science, 020302 automobile design & engineering, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Network monitoring, Transmission security, Communications security, Public-key cryptography, 0203 mechanical engineering, Forward secrecy, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Electrical and Electronic Engineering, business, Computer network, Group key

Abstract

Network slicing technology is a core part of 5G network, which enables users to access the suitable network on demand and increases the flexibility of network resources through appropriate network configuration. However, the group users in dynamic 5G network slices face communication security threats (impersonation attack, network monitoring, identity leakage, etc.). Group key agreement (GKA) protocol can be used to ensure the security of communication for group users. However, most GKA protocols do not consider cross-domain environment, or use the same cryptographic system parameters between all communication nodes in cross-domain environment. This study presents a cross-domain certificateless authenticated GKA protocol for 5G network slicings supporting dynamic group users management. This new scheme only needs one-round communication and allows group users from different network domains with different cryptographic system parameters to agree on a group session key in common. The proposed scheme not only can provide authenticated key agreement security, mutual authentication, perfect forward secrecy, user anonymity and partial private key transmission security, but also is able to withstand the impersonation, replay and known temporary key attacks. As compared with existing three certificateless group key agreement protocols, our proposed scheme has less computation time, and the communication overhead of low-power group user in our proposed is reduced by at least 36%.

Published

2020

14. Attribute-Based Authenticated Group Key Transfer Protocol without Pairing

Author

Abhimanyu Kumar and Reshu Verma

Subjects

Authentication, business.industry, Computer science, 020206 networking & telecommunications, Access control, 02 engineering and technology, Computer security, computer.software_genre, Computer Science Applications, Shamir's Secret Sharing, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), 020201 artificial intelligence & image processing, Session (computer science), Electrical and Electronic Engineering, business, Protocol (object-oriented programming), computer, Group key, Access structure

Abstract

Group key establishment protocol is the primary requirement of several group-ware applications, like secure conferences, pay per view, collaborative work space that needs to establish a secure session among a group of participants. However, some of the applications often need to establish a secure session among the participants without knowing their actual identities. In such cases, the legitimacy of participants is decided based up on a descriptive set of attributes usually called as access structure. The participants should have sufficient set of attributes to satisfy the access structure, which are to consider as authenticated and eligible for the group conversation. This paper introducing an attribute based authenticated group key transfer protocol without using bilinear pairing. Group key management based on attributes gives fine-grained access control over the group of members that are authenticated by the set of attributes. The proposed protocol uses, Shamir Secret Sharing and elliptic curve arithmetic instead of bilinear pairing computations. The members are authenticated based on the access structure defined by the session initiator. The group key is securely transferred to only those participants, who are authenticated by their attributes. The authentication process of proposed protocol is information theoretically secure, while the key confidentiality relies on the intractability of Elliptic Curve Discrete Logarithm Problem.

Published

2020

15. RETRACTED ARTICLE: Efficient data sensing with group key management for intelligent automation system by one-way key derivation in wireless networks

Author

A. V. Ram Prasad and J. Pon Senniah

Subjects

General Computer Science, business.industry, Network security, Computer science, 010401 analytical chemistry, 020206 networking & telecommunications, 02 engineering and technology, Encryption, 01 natural sciences, 0104 chemical sciences, Tree (data structure), Secure communication, Secrecy, 0202 electrical engineering, electronic engineering, information engineering, Rekeying, Session key, Key derivation function, business, Key management, Wireless sensor network, Computer network, Group key

Abstract

Over the last century, Wireless Sensor Network (WSN) has given major advances in several distinguishable fields. In addition, it has also evolved many features such as high device heterogeneity, high scale and supporting multiple applications. In WSN, Key management is employed (involves) as a significant component of network security, especially in multi-cast based applications and services. Group key management has a vital role in multi-cast secure communication with huge number of group members. Group key must always be updated dynamically to all groups in the network and keys to be redistributed currently to active members only. Consequently, a secret key called session key for a group of members is stored in key trees that are shared efficiently between them, in order to achieve secure group communication. The key trees are used to encrypt with other keys and data are transmitted to ensure security. Logical key hierarchy (LKH) is a hierarchical structure of multiple keys to provide a scalable and secrecy for group communication. This research work proposes a new hierarchical group key management (HGKM) using multiple logical key trees for dynamic groups in order to enhance the Quality of Service of the network. Among the multiple logical trees, primary tree can be selected by tree selection algorithm. In WSN, there are high numbers of members joining or leaving the group at any time, resulting with rekeying process becoming too large. This leads to degraded efficiency of tree-based key management system. Further, communication overhead of rekeying process can be mitigated by one-way key derivation method which integrates with multiple logical key trees. In this method, tree server does not need to be encrypted. Rather, it involves in sending a new key to members who are capable of derive their own keys in same way the server does. This results with a need for less number of encrypted keys for each rekeying process within the group tree. The fixed interval time is called batch time, which is applied in each rekeying process after nodes join or leave the group. The proposed approach can improve the bandwidth utilization effectively. The proposed HGKM method is implemented in Network Simulator (NS-2) environment and obtained results are compared with existing two methods such as LKH and multiple logical tree key management (MLT-KM). QOS of proposed approach is evaluated in terms of Bandwidth Efficiency.

Published

2020

16. A centralized key management scheme for space network with resistance of nonlinear channel noise

Author

Jing Ma, Zhu Wang, Miao Zhang, Jie Liu, and Xiaojun Tong

Subjects

Authentication, Computer Networks and Communications, Computer science, business.industry, 020302 automobile design & engineering, 020206 networking & telecommunications, 02 engineering and technology, Public-key cryptography, 0203 mechanical engineering, Forward secrecy, Pseudorandom noise, Secrecy, McEliece cryptosystem, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, Electrical and Electronic Engineering, Key management, business, Error detection and correction, Information Systems, Group key, Computer network

Abstract

The channel noise in space is nonlinear and pseudorandom so that the efficiency and security of existing group key management schemes are constrained seriously. To solve these problems, we proposed a centralized and identity-based key management scheme by using McEliece public key cryptosystem. In this scheme, the node identity is used as the parameter to generate the public key. Thus the authentication can be embedded into the verification of the public key. The group key is distributed with the protection of public key so that it can be implemented safely. Furthermore, the error correction capacity provided by McEliece public cryptosystem can eliminate the disturbance of noise. It transfers the negative influence caused by pseudorandom noise to an enhancement of security and increases the efficiency of the group key distribution over the noisy channel. The security of public key generation, forward secrecy and backward secrecy is analyzed. The performance is analyzed and compared with other schemes. The error correction capacity is simulated. The results show that our scheme can provide confidentiality, integrity, authentication, non-repudiation, failure tolerance and error correction with lower computation overhead and interaction rounds.

Published

2020

17. CL-AGKA: certificateless authenticated group key agreement protocol for mobile networks

Author

Sujata Mohanty, Susmita Mandal, and Banshidhar Majhi

Subjects

Authentication, Computer Networks and Communications, business.industry, Computer science, Node (networking), 020302 automobile design & engineering, 020206 networking & telecommunications, 02 engineering and technology, Internet security, Random oracle, 0203 mechanical engineering, Secure communication, Elliptic curve cryptosystem, Secrecy, 0202 electrical engineering, electronic engineering, information engineering, Session key, Electrical and Electronic Engineering, business, Information Systems, Computer network, Group key

Abstract

Wireless group communication has gained much popularity recently due to the increase in portable, lightweight devices. These devices are capable of performing group communication by enabling every participant to agree upon a group key for secure communication in an insecure network. Many authenticated group key agreement schemes have been proposed, but most of the schemes lack the dynamic property of mobile node joining/leaving the group such that the session key is updated without affecting the protocol. In this paper, we propose a pairing-free certificateless authenticated group key agreement protocol based on elliptic curve cryptosystem for resource-constrained mobile nodes. The objective of the proposed key-agreement protocol is to ensure the un-deniability of any message exchanged between the sender and receiver, contributory property for group key agreement, and allowing mobile users to join or leave the group dynamically by enabling forward and backward secrecy. Through the rigorous security analysis, we show that the proposed scheme achieves the well-known security functionalities against various types of attacks using informal security analysis and rigorous formal analysis using the random oracle model. Moreover, the protocol validation result using broadly-accepted automated validation of internet security protocols and applications shows that the protocol is safe under OFMC and CL-AtSe back-ends. Furthermore, the result of performance analysis shows that our proposed scheme achieves desirable security properties as compared to the existing related schemes by reducing the overall computation and communication cost despite a gradual increase in the number of participating mobile nodes.

Published

2020

18. Secured Key Management Scheme for Multicast Network Using Graphical Password

Author

N. M. SaravanaKumar, V. Vijayakumar, S. Lavanya, and S. Thilagam

Subjects

Password, Authentication, Dictionary attack, Computer Networks and Communications, Computer science, Key distribution, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Hardware and Architecture, Shoulder surfing, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Elliptic curve cryptography, Key management, computer, Software, Information Systems, Group key

Abstract

In recent days, management of keys in a group has become a significant part of data communication. The textual and alphanumerical passwords used for security concern have now changed its trend to different graphical passwords procedures. Many researchers have introduced various efficient and scalable key management schemes and it is difficult to remember this type of password. There are many textual password authentication mechanisms now available in the software market and are prone to eavesdropping, dictionary attacks and shoulder surfing. To address all the above vulnerability, many researchers and practitioners have developed different authentication methods who are interested in finding an alternate way to the existing problem. Hence, this paper proposes a secure group communication scheme between group members using graphical passwords and this is easy to remember compared to a textual password but difficult to hack. The elliptic curve cryptography technique is applied for key distribution. The group key is a graphical password which is static and shared among all the members in a group. The sequence of images will be sent to the members/users of a group during registration to form a group key and the group controller sends a pass point value of each image to the member by using elliptic curve cryptography after the registration. The main focus of the proposed scheme is to provide better security and ensures negligible communication overhead and computation overhead.

Published

2019

19. TARE: Topology Adaptive Re-kEying scheme for secure group communication in IoT networks

Author

Mauro Conti, Pallavi Kaliyar, Chhagan Lal, and Anshu S. Anand

Subjects

Routing protocol, RPL, Multicast routing, Computer Networks and Communications, Computer science, Internet of Things, Group communication, Key distribution, 02 engineering and technology, Topology, Encryption, 0203 mechanical engineering, Forward secrecy, 0202 electrical engineering, electronic engineering, information engineering, Key derivation function, Electrical and Electronic Engineering, Key management, Group key management, Wireless Sensor Nodes, Information Systems, Group key, business.industry, Network mobility, 020206 networking & telecommunications, 020302 automobile design & engineering, Energy consumption, IPv6, Key (cryptography), business

Abstract

Internet of Things (IoT) employs a large number of sensors and actuators to collect and act upon data for its smart functionalities. These devices are considered as a part of the Low-power and Lossy Networks due to their use of low power embedded hardware and computationally constrained nature. For synchronization and utility, these devices are often clubbed together logically to form groups. To maintain data confidentiality within a group, a shared symmetric key called the Group Key (GK) is used by all the group members. The GK must be redistributed upon joining and leaving of a group member to maintain forward and backward secrecy. However, the key management (i.e., generation and distribution) process causes overhead which consumes the scarce network resources. In this paper, we propose TARE, a novel Topology Adaptive Re-kEying (TARE) scheme for lightweight and secure group communication. TARE integrates the principles of routing tree mapped logical key tree and local derivation of the key over the an IPv6 Routing Protocol for low-power and Lossy networks in an original way. TARE takes into consideration the current routing topology and makes maximum energy reduction as the premise for its choice of key derivation and distribution methods, thus, it reduces the network energy consumption while maintaining key secrecy and data confidentiality. In particular, TARE provides the following advantages: (1) lower network overhead and bandwidth utilization in key management and re-distribution operations, (2) effective against the network mobility in scalable IoT networks, (3) secure group communications in network against attacks such as man-in-the-middle and eavesdropping, and (4) data confidentiality by ensuring backward and forward secrecy in key distribution method. We evaluate the performance of TARE and compare it with existing schemes. Our results show the effectiveness of TARE regarding energy consumption, bandwidth utilization, and the number of encrypted message transmissions during the re-keying operations.

Published

2019

20. A location privacy protection scheme based on random encryption period for VSNs

Author

Xin Xin, Tianhan Gao, and Xinyang Deng

Subjects

Scheme (programming language), General Computer Science, business.industry, Computer science, Privacy protection, 020206 networking & telecommunications, Computational intelligence, 02 engineering and technology, Pseudonym, Adversary, Encryption, Computer security, computer.software_genre, 0202 electrical engineering, electronic engineering, information engineering, Identity (object-oriented programming), ComputingMilieux_COMPUTERSANDSOCIETY, 020201 artificial intelligence & image processing, business, computer, computer.programming_language, Group key

Abstract

Vehicle social networks (VSNs) are VANETs characterized by social aspect. For VSNs, it’s very crucial to ensure its location privacy. Pseudonym is considered as an effective way to resist adversary’s tracking, which ensures that each pseudonym holder communicates each other depending on such a virtual identity, but can not link to holder’s real identity. This paper proposes a novel location privacy protection scheme for VSNs. With the help of RSU, when vehicles need to change the pseudonyms, they will cooperate with the neighbors to create the encrypted area through group key encryption and the external adversary cannot crack the message in this area. During this period, some vehicles change the pseudonyms jointly so that the external adversary can not associate the pseudonyms before and after, which achieves the goal of location privacy protection. The security and performance indicate the proposed scheme is reasonable.

Published

2019

21. Correction to: A group key-based lightweight Mutual Authentication and Key Agreement (MAKA) protocol for multi-server environment

Author

Prasanta Kumar Roy and Ansuman Bhattacharya

Subjects

Multi server, Hardware and Architecture, business.industry, Computer science, Key (cryptography), Mutual authentication, business, Protocol (object-oriented programming), Software, Information Systems, Theoretical Computer Science, Computer network, Group key

Published

2021

22. A secure and efficient on-line/off-line group key distribution protocol

Author

Keju Meng, Yue Yu, and Fuyou Miao

Subjects

Scheme (programming language), Authentication, business.industry, Applied Mathematics, 020206 networking & telecommunications, Cryptography, 0102 computer and information sciences, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Secret sharing, Computer Science Applications, 010201 computation theory & mathematics, Passive attack, 0202 electrical engineering, electronic engineering, information engineering, Order (group theory), business, Protocol (object-oriented programming), computer, Mathematics, Group key, computer.programming_language

Abstract

Nowadays, group communications are getting more and more popular. In order to secure the communication, all participating users need to share a common group key in advance. The paper proposes a secure and efficient group key distribution protocol based on Shamir’s secret sharing scheme. In the protocol, (1) each user only needs to send registration message in privacy, while all the other messages can be transported in public. Meanwhile, (2) the scheme supports authentication for group keys without any assumption of hard mathematics problem. Moreover, (3) the protocol introduces the notion of on-line/off-line into group key distribution and thus the speeds of group key response and recovery are greatly improved. Analyses show that our scheme is resistant to passive attack, impersonation attack and reply attack.

Published

2018

23. UMKESS: user-oriented multi-group key establishments using secret sharing

Author

Ching-Fang Hsu, Bing Zeng, and Lein Harn

Subjects

Key establishment, Computer Networks and Communications, Computer science, business.industry, 020302 automobile design & engineering, 020206 networking & telecommunications, 02 engineering and technology, Secret sharing, Information sensitivity, 0203 mechanical engineering, Body area network, 0202 electrical engineering, electronic engineering, information engineering, Rekeying, Key (cryptography), Delegation (computing), Electrical and Electronic Engineering, business, Information Systems, Group key, Computer network, Data transmission

Abstract

With the rapid development of group-oriented services, there are more and more multi-group communications in which users may join multiple group communications simultaneously. For example, in a wireless body area network (WBAN), medical personnels get together to hold a consultation for the patient and multiple consultation groups co-existed at the same time. A doctor may join more than one consultation groups simultaneously. Most existing group key establishment schemes establish a single group key for a single group. Applying a conventional group key establishment scheme in a straightforward manner (that is, running many times) can provide group-key-oriented multi-group key establishments. Since most group key establishment schemes suffer from larger rekeying overheads if users depart or join the network frequently, it is obvious that these schemes are not suitable for multiple groups co-existing applications such as WBAN. In this paper, we define a new type of user-oriented multi-group key establishments using secret sharing (UMKESS) for secure communications in WBAN. Since health data are private and sensitive information, efficient and secure data transmission in cloud-assisted WBANs is needed. In our proposed UMKESS, each user keeps only one share and uses the share to join multiple groups simultaneously, that is, or achieve multiple things at one stroke. Furthermore, the key generation center can manage user departing or joining dynamically with no rekeying overhead. The security strength of UMKESS is discussed in detail. In comparing to the latest group-key-oriented multi-group key establishment using secret sharing, UMKESS significantly improves the effectiveness of the multi-group communications and it is desirable for WBAN.

Published

2018

24. Dynamic Group Based Efficient Access Authentication and Key Agreement Protocol for MTC in LTE-A Networks

Author

Deepti D. Shrimankar and Garima Singh

Subjects

Authentication, business.industry, Computer science, Core network, 020206 networking & telecommunications, 02 engineering and technology, Mutual authentication, Cryptographic protocol, Computer Science Applications, Network congestion, Wireless network interface controller, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, The Internet, Electrical and Electronic Engineering, business, AKA, Computer network, Group key

Abstract

The machine-type communication (MTC) connects millions of the smart devices and provides a large number of applications through all of our lives. Every day, MTC is undergoing ubiquitous development and becoming a crucial application of the Internet of Things. To implement MTC in real-life, it is a big challenge to ensure the congestion control and security and privacy of the MTC devices (MTCDs) within the MTC network. When umpteen MTCDs concurrently try to access the network, each MTCD requires performing a distinct 3GPP specified access authentication procedure with the core network, that creates distressful signaling congestion over the MTC network. Taking into the consideration the aforementioned issues, in this research article, the authors suggest a dynamic group based access authentication and key agreement protocol for MTC called as EMTC-AKA protocol. The proposed protocol ensures strong mutual authentication between the MTC entities and identity protection of the MTCDs. Unlike, the other approaches, projected approach ensures confidentiality and integrity of the user/control plane data transmitted over the wireless interface and optimizes the need of group key update on each group membership update. We formally verified the suggested protocol on Automated Validation of the Internet Security Protocols and Applications (AVISPA) tool. The verification results and theoretical analysis of the protocol signify that the suggested approach is safe from the multiple malicious attacks and ensures less bandwidth consumption, signaling overhead, transmission cost and transmission delay over the MTC network.

Published

2018

25. Anonymous group key agreement protocol for multi-server and mobile environments based on Chebyshev chaotic maps

Author

Tzu-Wei Lin and Chien-Lung Hsu

Subjects

Computer science, Data_MISCELLANEOUS, Hash function, 02 engineering and technology, Computer security, computer.software_genre, Theoretical Computer Science, Key authentication, Public-key cryptography, Forward secrecy, 0202 electrical engineering, electronic engineering, information engineering, Group key, Key-agreement protocol, Authentication, business.industry, Password cracking, 020206 networking & telecommunications, Mutual authentication, Hardware and Architecture, Key (cryptography), 020201 artificial intelligence & image processing, Reflection attack, business, computer, Software, Information Systems

Abstract

A group key agreement protocol can establish a secret key shared among some participants for secure group-oriented applications. Many authenticated group key agreement protocols are proposed, but some of them cannot provide user anonymity. Xiao et al. (Inf Sci 177:1136–1142, 2007) proposed an improved key agreement protocol based on chaotic maps with only a predetermined long-term key to ensure security. Guo and Zhang (Inf Sci 180:4069–4074, 2010) proposed a group key agreement protocol based on chaotic hash function, but Yoon et al. recently pointed out that Guo et al.’s protocol is vulnerable to off-line password guessing attack, stolen-verifier attack, and reflection attack. In this paper, we will propose an authenticated group key agreement protocol with user anonymity based on Chebyshev chaotic maps to resist above pointed out attacks and achieve the following properties with better performance: (i) It is suitable for multi-server and mobile environments; (ii) it achieves contributory group key agreement with user authentication; (iii) it provides mutual authentication, explicit key authentication, key confirmation, forward secrecy, and group key updating; (iv) user anonymity can simultaneously be preserved in the group key agreement procedure, which implies that identities of all participants are anonymously to outsiders; (iv) no public key certificates are used, which implies that authenticity of public keys are implicitly verified; (vi) it can also resist password guessing and stolen-verifier attacks.

Published

2018

26. A method for obtaining authenticated scalable and efficient group key agreement for wireless ad-hoc networks

Author

P. J. A. Alphonse and Y. Venkatramana Reddy

Subjects

Authentication, Computer Networks and Communications, business.industry, Computer science, Wireless ad hoc network, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Mobile ad hoc network, Adversary, Computer security, computer.software_genre, Server, Scalability, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, Software, Group key

Abstract

Ubiquitous computer and its computing capabilities have given rise to many devices like PDAs, Note books, etc. which are now a part and parcel of our every days activities. Communication between each of such devices is supported by mobile ad hoc networks (MANET) through single and broadcasting techniques. Security of such communication has gained prominence and is being studied extensively to create progressively fail proof schemes. In the present scenario of the digital world, authenticity and reliability are the corner stones of conducting trillions of dollars worth of business transactions and hence cryptography with public and private keys sharing authentically has become the focal point as the adversary can digitally disguise, intrude and spoil the system. With the communication not limited between any two fixed parties, the ever expanding group of users need a mechanism where they can be authenticated and enable participation. A centralized authentication servers such as Kerebros and many implementable protocols presented ways for efficient implementation, system optimization in terms of authentication and group key distribution is to be aimed at all times. Wireless communication is always fraught with danger of impersonation and hence risk of loosing important and valuable data to adversary. In this context MANETS are required to authenticate and efficiently conduct the group communication through a group key distribution process. Our analysis and results demonstrate that this approach completely satisfies modern days requirements of authentication, scalability, efficiency and security for group communication.

Published

2018

27. Local Dynamic Key Management Scheme Based on Layer-Cluster Topology in WSN

Author

Qi Li, Bo-wen Sun, and Bin Tian

Subjects

020203 distributed computing, business.industry, Computer science, Node (networking), 02 engineering and technology, Encryption, Topology, Computer Science Applications, Broadcasting (networking), Default gateway, Computer Science::Networking and Internet Architecture, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Cryptographic hash function, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, Key management, Wireless sensor network, Computer Science::Cryptography and Security, Group key

Abstract

Wireless sensor networks (WSN) are usually deployed in complicated environments, for the broadcasting features of WSN, they have high requirements for the security of the network. Encrypting message is the most effective way against attacker to obtain transmitted message. This paper proposes a local dynamic scheme based on layer-cluster topological architecture to accomplish the key management progress in WSN. The scheme saves more energy by reducing negotiation progress under the conditions to protect the security of the network. In this scheme, the sensor nodes form certain cluster by its position, and elect head-cluster nodes by self-election algorithm. After network deployment, gateway node completes most of the calculation in the process of key agreement according to Chinese Remainder Theorem, and the head-cluster nodes calculate group key according to one way hash tree. The scheme can better adapt to dynamic change of the network, which has good flexibility and extensibility.

Published

2018

28. Software-defined security controller-based group management and end-to-end security management

Author

Marnel Peradilla, Enrique D. Festijo, and Younchan Jung

Subjects

General Computer Science, business.industry, Network packet, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Public-key cryptography, Security service, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Rekeying, 020201 artificial intelligence & image processing, Security management, business, Key management, Heterogeneous network, Group key, Computer network, Key size

Abstract

This paper proposes group management and end-to-end security management based on the horizontal model suitable for group based private systems. The software-defined security controller (SDSC), which is located at the center of the control layer, functions as software-defined networking controller responsible for group management and end-to-end security management. The proposed group key rekeying feature uses the unicast method for distributing the signaling messages among the group members which belong to various heterogeneous networks. This network independent and centralized architecture for group key rekeying is advantageous for the dynamic members to constitute secure group. While the group key management is responsible for securing control signaling messages within the group members, the purpose of the end-to-end security management is to protect the end-to-end data traffic within them. To achieve end-to-end security, this paper uses packet key scheme that collaborates with the group key management. Then, the members of the group-based private system are allowed to receive packet key based security service for their end-to-end data traffic. The packet key scheme is based on the idea that the very short lifetime of the packet key with a relatively small key size can provide high level of security and satisfy the latency requirements especially for real-time applications. Because SDSC handles most of the burden in terms of communication and computational load, the workload for group key and end-to-end security management are dramatically reduced from each group member view point. The additional feature of subgroup key management enables each group member to sustain less workload, which solves the scalability issue for the big size private group.

Published

2018

29. Secure and efficient encrypted keyword search for multi-user setting in cloud computing

Author

Zhenfu Cao, Xiaolei Dong, and Haijiang Wang

Subjects

020203 distributed computing, Computer Networks and Communications, business.industry, Computer science, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Shared secret, Security token, Computer security, computer.software_genre, Encryption, Multi-user, 0202 electrical engineering, electronic engineering, information engineering, Overhead (computing), business, Broadcast encryption, computer, Software, Group key

Abstract

A key challenge to design searchable encryption in multi-user setting lies in the efficient management of encryption and search keys. Existing multi-user searchable encryption schemes either extend the single-user searchable encryption framework with broadcast encryption or require search user refers to the data owner and get the search token. However, this implies the necessity that the data owner distributes a single shared secret key among the group of users or requires the data owner stay online to authorize other users to search. In this paper, we address this practical problem, which is neglected in the literature. We also study secret-key-recovery attack where a malicious user can deduce a valid secret when given a search token. We show such attack violates secret key privacy, which is important in the whole system. Inspired by asymmetric group key agreement and multilinear map technology, we provide a secure and efficient encrypted keyword search scheme for multi-user setting, in which a data owner can share data with a group users without knowing which user in the group. In the proposed scheme, (a) each user has his own secret key, (b) each user generates trapdoors without getting any help from data owner or the third party, (c) our scheme features constant communication overhead, and (d) our scheme resist the secret-key-recovery attack. Our scheme preserves the traceability inherited from the asymmetric group key agreement system. We offer rigorous security proof of our scheme, and the performance analysis demonstrates the efficiency of our scheme.

Published

2018

30. Authenticated group key agreement protocol based on twist conjugacy problem in near-rings

Author

Devarasan Ezhilmaran and V. Muthukumaran

Subjects

Discrete mathematics, Multidisciplinary, Conjugacy problem, Braid group, Structure (category theory), 030206 dentistry, 010501 environmental sciences, Cryptographic protocol, 01 natural sciences, 03 medical and health sciences, 0302 clinical medicine, Conjugacy class, ComputingMethodologies_SYMBOLICANDALGEBRAICMANIPULATION, Search problem, Protocol (object-oriented programming), Computer Science::Cryptography and Security, 0105 earth and related environmental sciences, Group key, Mathematics

Abstract

Nowadays some promising authenticated group key agreement protocols are constructed on braid groups, dynamic groups, pairings and bilinear pairings. Hence the non-abelian structure has attracted cryptographers to construct public-key cryptographic protocols. In this article, we propose a new authenticated group key agreement protocol which works in non-abelian near-rings. We have proved that our protocol meets the security attributes under the assumption that the twist conjugacy search problem (TCSP) is hard in near-ring.

Published

2017

31. An Authentication Key Establish Protocol for WSNs Based on Combined Key

Author

Qikun Zhang, Yong Gan, Ge Guo, Junling Yuan, and Jianwei Zhang

Subjects

Authentication, Wireless network, Computer science, business.industry, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Mutual authentication, Computer Science Applications, Public-key cryptography, Authentication protocol, Lightweight Extensible Authentication Protocol, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, business, Key management, Wireless sensor network, Computer network, Group key

Abstract

Advances in lattice-based cryptography are enabling the use of public key algorithms (PKAs) in power-constrained ad hoc and sensor network devices. Unfortunately, while many wireless networks are dominated by group communications, PKAs are inherently unicast—i.e., public/private key pairs are generated by data destinations. To fully realize public key cryptography in these networks, lightweight PKAs should be augmented with energy efficient mechanisms for group key agreement. Recently, many key management schemes for the WSNs have been proposed, but the computation and communication costs of these protocols are too high to suitable for WSNs. This paper proposes a key establish protocol for the WSNs based on combined key. The protocol adopts seed key mapping technology to achieve two-party and multi-party key establish in the WSNs, it can generate a large number of combination keys with little resources. So it effectively solve the contradiction between the sensor nodes need large storage space to store shared key with their neighbors and their limited storage space. It can also achieve mutual authentication between nodes when they establish shared key. Analysis shows that the proposed protocol has the advantages in storage efficiency, computation consumption and Communication consumption and suitable for wireless networks.

Published

2017

32. DGBES: Dynamic Group Based Efficient and Secure Authentication and Key Agreement Protocol for MTC in LTE/LTE-A Networks

Author

Balu L. Parne, Shubham Gupta, and Narendra S. Chaudhari

Subjects

Key-agreement protocol, Authentication, business.industry, Computer science, Core network, 020206 networking & telecommunications, 02 engineering and technology, Computer Science Applications, LTE Advanced, Authentication protocol, Secrecy, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), 020201 artificial intelligence & image processing, The Internet, Electrical and Electronic Engineering, business, AKA, Computer network, Group key

Abstract

The machine to machine communication (MTC) has grown into one of the fastest expansion in the area of Information and Communication Technology and is one of the important aspect of the Internet of Things. It allows millions of devices to connect with each other over the internet. MTC has a huge market and massive strength to obtain numerous application scenarios. The applications of MTC are reliable and effective only after a successful authentication of MTC devices. Hence, there are several group based authentication and key agreement (AKA) protocols were proposed by researchers. Whenever a number of MTC devices simultaneously generate the access request to the LTE/LTE-A network, each MTC device needs a separate authentication process to access the core network that leads to genuine signaling congestion problem. In addition, the existing group based AKA protocols did not equip with the group management scheme efficiently and also vulnerable to various known attacks. To avoid the aforesaid problems and mitigate the authentication complexity of the earlier schemes, we propose a dynamic group based efficient and secure (DGBES-AKA) protocol for MTC in LTE/LTE-A network. The proposed protocol consists the group key update scheme with key forward and backward secrecy. The formal verification using ProVerif and security analysis of the proposed protocol represent the security against malicious attacks. Finally, we show the qualitative and quantitative analysis of the DGBES-AKA protocol with the existing protocols. The analysis shows that the proposed protocol has improved results in terms of communication and computation overhead.

Published

2017

33. The octet rule in chemical space: generating virtual molecules

Author

Rafel Israels, Jan Hamaekers, Astrid Maaß, and Publica

Subjects

FOS: Physical sciences, 010402 general chemistry, 01 natural sciences, Catalysis, Inorganic Chemistry, User-Computer Interface, Physics - Chemical Physics, 0103 physical sciences, Drug Discovery, Molecule, Octet rule, Physical and Theoretical Chemistry, Molecular Biology, Group key, Chemical Physics (physics.chem-ph), High prevalence, 010304 chemical physics, Basis (linear algebra), Organic Chemistry, General Medicine, Chemical space, 0104 chemical sciences, Unexpected finding, Quantum Theory, Algorithm, Information Systems, Generator (mathematics)

Abstract

We present a generator of virtual molecules that selects valid chemistry on the basis of the octet rule. Also, we introduce a mesomer group key that allows a fast detection of duplicates in the generated structures. Compared to existing approaches, our model is simpler and faster, generates new chemistry and avoids invalid chemistry. Its versatility is illustrated by the correct generation of molecules containing third-row elements and a surprisingly adept handling of complex boron chemistry. Without any empirical parameters, our model is designed to be valid also in unexplored regions of chemical space. One first unexpected finding is the high prevalence of dipolar structures among generated molecules., 24 pages, 10 figures

Published

2017

34. MuGKeG: Secure Multi-channel Group Key Generation Algorithm for Wireless Networks

Author

Mamoon Raja, Naumana Ayub, Saad Saleh, and Muhammad Ilyas

Subjects

021110 strategic, defence & security studies, business.industry, Computer science, Wireless network, 0211 other engineering and technologies, Key distribution, 020206 networking & telecommunications, Data_CODINGANDINFORMATIONTHEORY, 02 engineering and technology, Computer Science Applications, Secrecy, 0202 electrical engineering, electronic engineering, information engineering, Entropy (information theory), Electrical and Electronic Engineering, business, Algorithm, Multi channel, Computer network, Key size, Group key

Abstract

The broadcast nature of communication channels in infrastructureless wireless networks poses challenges to security. In this paper, we propose a novel technique namely secure multi-channel group key generation (MuGKeG) algorithm. We utilize the available channels switching behaviour between multiple nodes to hide our key from eavesdropper. We provide descriptions for an illustrative base case of three users and one eavesdropper and expand it for the case of N users with C channels and M eavesdroppers. Repeated application of the MuGKeG algorithm on the order of $$O(\log {N})$$ allows scaling the size of the group in the order of millions. We provide an analytical closed-form solution for the entropy of the secret group key generated when eavesdroppers follow an optimal attack strategy, and verify it by ns-3 simulations. Comparison with previous state-of-the-art schemes suggests that MuGKeG can provide upto 20 kbps increase in secrecy rate with a scalable key size.

Published

2017

35. Computationally efficient privacy preserving authentication and key distribution techniques for vehicular ad hoc networks

Author

L. Jegatha Deborah, Maria Azees, Pandi Vijayakumar, Victor Chang, and Balamurugan Balusamy

Subjects

Authentication, Computer Networks and Communications, Wireless ad hoc network, Computer science, business.industry, Process (computing), Key distribution, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Secure communication, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Key management, business, computer, Protocol (object-oriented programming), Software, Group key, Computer network

Abstract

The incorporation of electronics by embedding the relevant sensors in the physical devices in home and office, vehicles of all types, buildings in the smart cities and in all possible spheres of life form a network of devices termed as internet of things (IoT). It is being realized that vehicular ad-hoc networks (VANETs) which are responsible for the reliable and secure communication among vehicles is a primary area of research in IoT and hence ensuring security in this area is essential. Thus, this work introduces a novel approach to improve the existing authentication support to VANETs. In this proposed framework, first an anonymous authentication approach for preserving the privacy is proposed which not only performs the vehicle user’s anonymous authentication but preserves the message integrity of the transmitting messages as well. Although many anonymous authentication schemes have been proposed in VANETs until now, the existing schemes suffer from a high computation cost during the signature and certificate verification process which leads to delayed authentication. Consequently, the vehicles and roadside units (RSUs) cannot authenticate more number of vehicles per second in VANETs. Second, an efficient anonymous group key distribution protocol is proposed in this paper for securely distributing the group key to the group of vehicles in the communication range of an RSU. The RSUs can send location based information to the group of vehicles in a secure manner using this group key. Experimental analysis portrays that the results of this new privacy preserving anonymous authentication and key management schemes are promising and efficient with regard to signature verification cost and computational cost in comparison with the existing schemes.

Published

2017

36. Centralized Group Key Establishment Protocol without a Mutually Trusted Third Party

Author

Lein Harn, Ching-Fang Hsu, and Bohan Li

Subjects

Computer Networks and Communications, Computer science, business.industry, Key distribution, 020206 networking & telecommunications, 0102 computer and information sciences, 02 engineering and technology, Trusted third party, Computer security, computer.software_genre, 01 natural sciences, Secret sharing, 010201 computation theory & mathematics, Hardware and Architecture, Channel (programming), Server, Communication in small groups, 0202 electrical engineering, electronic engineering, information engineering, business, computer, Protocol (object-oriented programming), Software, Information Systems, Group key, Computer network

Abstract

The type of centralized group key establishment protocols is the most commonly used one due to its efficiency in computation and communication. A key generation center (KGC) in this type of protocols acts as a server to register users initially. Since the KGC selects a group key for group communication, all users must trust the KGC. Needing a mutually trusted KGC can cause problem in some applications. For example, users in a social network cannot trust the network server to select a group key for a secure group communication. In this paper, we remove the need of a mutually trusted KGC by assuming that each user only trusts himself. During registration, each user acts as a KGC to register other users and issue sub-shares to other users. From the secret sharing homomorphism, all sub-shares of each user can be combined into a master share. The master share enables a pairwise shared key between any pair of users. A verification of master shares enables all users to verify their master shares are generated consistently without revealing the master shares. In a group communication, the initiator can become the server to select a group key and distribute it to each other user over a pairwise shared channel. Our design is unique since the storage of each user is minimal, the verification of master shares is efficient and the group key distribution is centralized. There are public-key based group key establishment protocols without a trusted third party. However, these protocols can only establish a single group key. Our protocol is a non-public-key solution and can establish multiple group keys which is computationally efficient.

Published

2016

37. Enhancing the Security of IEEE 802.11i Standard by Integrating a Quantum Scheme for Authentication and Encryption Key Distribution

Author

Ridha Bouallegue, Mostafa Azizi, and Aymen Ghilen

Subjects

Key establishment, Computer science, Key distribution, Cryptography, 02 engineering and technology, Quantum entanglement, Quantum key distribution, Man-in-the-middle attack, Computer security, computer.software_genre, 01 natural sciences, Security association, 0103 physical sciences, 0202 electrical engineering, electronic engineering, information engineering, Static key, Key encapsulation, Pre-shared key, Electrical and Electronic Engineering, 010306 general physics, Quantum, Key exchange, Computer Science::Cryptography and Security, Key size, Group key, Authentication, business.industry, Mutual authentication, Adversary, Computer Science Applications, Quantum cryptography, Key (cryptography), 020201 artificial intelligence & image processing, Quantum algorithm, Cryptographic key types, business, computer, Computer network

Abstract

According to the principles of quantum mechanics, quantum cryptography provides the necessary means to establish a secret and perfectly random key material between two parties. However, classical cryptography suffers from several vulnerabilities that make it unsecure against impersonation attacks or enemy with an unbounded computing power. Improving the contemporary cryptographic methods, based only on computational security, by integrating a quantum cryptographic solution becomes an interesting prospect worth exploring. In this paper, we introduce a quantum scheme, for mutual authentication and key establishment, which will be integrated within IEEE 802.11 networks to reach absolute security. The key issued from the quantum algorithm is a fundamental parameter for authenticating the participating parties and for building the Pairwise key and the Group key hierarchies. To inspect the security of our approach, a formal verification of some security properties is performed using the Model Checking technique.

Published

2016

38. Certificateless and identity-based authenticated asymmetric group key agreement

Author

Wenchang Shi, Jianwei Liu, Qianhong Wu, Lei Zhang, Jiangtao Li, Hua Deng, and Bo Qin

Subjects

020203 distributed computing, Computer Networks and Communications, business.industry, Computer science, Group (mathematics), 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Computer security model, Encryption, Computer security, computer.software_genre, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Session key, Communication source, Safety, Risk, Reliability and Quality, business, computer, Software, Information Systems, Group key

Abstract

Group key agreement (GKA) is one of the traditional ways to guarantee the subsequent secure group communications. However, conventional GKA protocols face two limitations, i.e., they require two or more rounds to establish secure channels and are sender restricted. Asymmetric group key agreement (AGKA) eliminates above two limitations of GKA. It allows a group of users to establish a public group encryption key and a different secret decryption key of each group member in one round. Any user who knows the group encryption key can encrypt to the group members. This paper studies authenticated AGKA in certificateless and identity-based public key cryptosystems. We formalize the security model of certificateless authenticated asymmetric group key agreement and realize a one-round certificateless authenticated asymmetric group key agreement protocol to resist active attacks in the real world. We also investigate the relation between certificateless authenticated AGKA and identity-based authenticated AGKA. We propose a concrete conversion from certificateless authenticated AGKA to session key escrow-free identity-based authenticated AGKA.

Published

2016

39. MANET Security Betterment by Enhanced Multiple Key Management Scheme

Author

K. Krishnamoorthi and R. Mohandas

Subjects

Authentication, business.industry, Computer science, Wireless ad hoc network, Distributed computing, Key distribution, 020206 networking & telecommunications, 02 engineering and technology, Mobile ad hoc network, Certificate, Computer Science Applications, Public-key cryptography, Elliptic curve, ID-based cryptography, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Key encapsulation, Pre-shared key, Electrical and Electronic Engineering, business, Key management, Key exchange, Computer network, Group key, Key size

Abstract

Creating and accessing multiple groups with various validations in Mobile Ad hoc Networks (MANET) is getting popular these days. Providing privacy as well as accessibility at the same time is a challenging process because the MANET nodes are highly random and independent characteristics. Several researchers have been proposed different Key Management Schemes to serve these purposes. The prime objective and common goal of these schemes is to ensure a secured communication in an Ad hoc Network, which is complicated one because of its dynamic nature and the lack of Centralized Management. The fully-distributed ID-based Multiple Secret Key Management Scheme (IMKM) was proposed to provide secured communication. This research work has implemented the IMKM and thoroughly studied. From the experimental results, we observed that IMKM was performing well and it is eliminating the requirement of certificate-based authenticated public key distribution. This is also suitable for Key Update and Key Abrogation. IMKM can be significantly improved to reduce the Procedure Complexity, Processing Overhead, Power Consumption, the Key Size and Group Key Generation, which could not be achieved through the existing IMKM. To overcome above problems, we enhanced IMKM by introducing Elliptic Curve Technique based Key Exchange Procedure, which is known as Enhanced Multiple Key Management Scheme (EIMKM). This improved EIMKM Scheme is implemented and analyzed the performances. From our experimental results, we conclude that the proposed EIMKM Key Management Scheme has achieved higher performance in terms of Robustness, Mobility, Computational Overhead, Message Overhead, Security Strength, Key Exchange Time, Power Consumption and Key Update Time.

Published

2016

40. An Efficient Secure Group Communication in MANET Using Fuzzy Trust Based Clustering and Hierarchical Distributed Group Key Management

Author

B. Parvathavarthini, K. Gomathi, and C. Saravanakumar

Subjects

business.industry, Computer science, Distributed computing, Node (networking), 020206 networking & telecommunications, 02 engineering and technology, Mobile ad hoc network, Encryption, Computer Science Applications, Communication in small groups, 0202 electrical engineering, electronic engineering, information engineering, Rekeying, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, Cluster analysis, business, Key management, Group key

Abstract

Secure group communication is desired in many group oriented applications of mobile ad hoc network (MANET), and fruitful communication achieved only via trustable network environment. In order to enhance the privacy among group members, proper group key management schemes can be used to encrypt and decrypt the payload. This management is serious task in flexible network like MANET due to dynamic node movement and limited available resources. In order to get away from repeated group key refreshment for entire large network, rekeying done only for sub networks known as clusters. To cope up in this situation, the integrated approach of fuzzy trust based clustering (FTBC) and hierarchical distributed group key management is proposed in this paper. The FTBC isolate misbehaving node from legitimate data transmission and also categorize trusted and distrusted nodes by applying fuzzy logic rules. As well as there is no single solution adopted for all kind of applications, hence two more clustering schemes are proposed namely simple clustering and enhanced distributed weighted clustering are incorporated with key management to satisfy different needs. The performance of our proposal measured by introducing attackers and simulation results prove the proficiency of proposed schemes.

Published

2016

41. Computation-efficient key establishment in wireless group communications

Author

Yi Mu, Lein Harn, Ching-Fang Hsu, Xuan Zhu, and Maoyuan Zhang

Subjects

Key establishment, Computer Networks and Communications, business.industry, Computer science, Distributed computing, Key distribution, 020206 networking & telecommunications, 02 engineering and technology, Secret sharing, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Secure multi-party computation, Wireless, Electrical and Electronic Engineering, business, Communication complexity, Protocol (object-oriented programming), Information Systems, Computer network, Group key

Abstract

Efficient key establishment is an important problem for secure group communications. The communication and storage complexity of group key establishment problem has been studied extensively. In this paper, we propose a new group key establishment protocol whose computation complexity is significantly reduced. Instead of using classic secret sharing, the protocol only employs a linear secret sharing scheme, using Vandermonde Matrix, to distribute group key efficiently. This protocol drastically reduces the computation load of each group member and maintains at least the same security degree compared to existing schemes employing traditional secret sharing. The security strength of this scheme is evaluated in detail. Such a protocol is desirable for many wireless applications where portable devices or sensors need to reduce their computation as much as possible due to battery power limitations. This protocol provides much lower computation complexity while maintaining low and balanced communication complexity and storage complexity for secure group key establishment.

Published

2016

42. An authenticated group key transfer protocol using elliptic curve cryptography

Author

Priyanka Jaiswal and Sachin Tripathi

Subjects

Key-agreement protocol, Interlock protocol, Computer Networks and Communications, Elliptic curve Diffie–Hellman, Computer science, Key distribution, 020206 networking & telecommunications, 02 engineering and technology, Oakley protocol, Computer security, computer.software_genre, 020202 computer hardware & architecture, Authentication protocol, 0202 electrical engineering, electronic engineering, information engineering, Pre-shared key, computer, Software, Group key

Abstract

Several groupware applications like e-conferences, pay-per view, online games, etc. require a common session key to establish a secure communication among the group participants. For secure communication, such applications often need an efficient group key establishment protocol to construct a common session key for group communications. Conventional group key transfer protocols depends on mutually trusted key generation center (KGC) to generate and distribute the group key to each participant in each session. However, those approaches require extra communication overheads in the server setup. This paper presents an efficient and secure group key transfer protocol using elliptic curve cryptography (ECC). The proposed protocol demonstrates a novel group key transfer protocol, in which one of the group member plays the role of KGC (the protocol without an online KGC, which is based on elliptic curve discrete logarithm problem (ECDLP) and Shamir’s secret sharing scheme. The confidentiality of the proposed protocol is ensured by Shamir’s secret sharing, i.e., information theoretically secure and provides authentication using ECDLP. Furthermore, the proposed protocol resists against potential attacks (insider and outsider) and also significantly reduces the overheads of the system. The security analysis section of the present work also justifies the security attributes of the proposed protocol under various security assumptions.

Published

2016

43. Energy efficient secured routing protocol for MANETs

Author

Sandeep Sharma, Jaswinder Singh, and Tejpreet Singh

Subjects

Routing protocol, Dynamic Source Routing, Computer Networks and Communications, Computer science, Routing table, Enhanced Interior Gateway Routing Protocol, Wireless Routing Protocol, Geographic routing, 02 engineering and technology, Multipoint relay, Computer security, computer.software_genre, Routing Information Protocol, 0202 electrical engineering, electronic engineering, information engineering, Destination-Sequenced Distance Vector routing, Electrical and Electronic Engineering, Group key, Zone Routing Protocol, Static routing, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Policy-based routing, Path vector protocol, 020206 networking & telecommunications, Energy consumption, Mobile ad hoc network, Supernetwork, Link-state routing protocol, Optimized Link State Routing Protocol, Interior gateway protocol, Border Gateway Protocol, 020201 artificial intelligence & image processing, Hazy Sighted Link State Routing Protocol, Message broker, business, computer, Anti-replay, Information Systems, Efficient energy use, Computer network

Abstract

The design of routing protocol with energy efficiency and security is a challenging task. To overcome this challenge, we propose energy-efficient secured routing protocol. The objective of our work is to provide a secured routing protocol, which is energy efficient. To provide security for both link and message without relying on the third party, we provide security to the protocol by choosing a secure link for routing using Secure Optimized Link State Routing Protocol. Each node chooses multipoint relay nodes amongst the set of one-hop neighbors, so as to reach all two-hop neighbors. The access control entity authorizes nodes announcing the node identification to the network. In addition, the access control entity signs a public key Ki, a private key ki, and the certificate Ci required by an authorized node to obtain the group key. Each node maintains a route table with power status as one of its entry. After selecting the link, on requirement of a new route, we check nodes' power status in its routing table and then accordingly arise a route. Then, we perform group key distribution using the generated keys using a small number of messages which helps reducing energy consumption. The group key can be altered periodically to avoid nonauthorized nodes and to avoid the use of the same group key in more than some amount of data. Then, we provide communication privacy for both message sender and message recipient using Secure Source Anonymous Message Authentication Scheme. Thereby, the message sender or the sending node generates a source anonymous message authentication for message for releasing each message based on the MES scheme. Hence, our approach will provide message content authenticity without relying on any trusted third parties.

Published

2016

44. Group Key Authentication scheme for Vanet INtrusion detection (GKAVIN)

Author

G. Kumaresan and T. Adiline Macriga

Subjects

021110 strategic, defence & security studies, Authentication, Key generation, Vehicular ad hoc network, Computer Networks and Communications, Computer science, business.industry, Network packet, Node (networking), ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, 0211 other engineering and technologies, 020206 networking & telecommunications, 02 engineering and technology, Intrusion detection system, Handshaking, Brute-force attack, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, business, Information Systems, Computer network, Group key

Abstract

Security must be provided in VANET as it is open to various attacks due to malicious vehicle, Brute force attack, misbehaving and faulty nodes, malicious users, and malicious nodes. The attacks can be occurred due to the lack of authentication. To overcome this problem, in this paper, we propose to develop a group key authentication and misbehaviour detection in VANET. Initially, we form clusters with three types of nodes within a certain transmission range namely Unique Node, Sub Unique Node, and Normal Node. Handshaking can be performed followed by message signing. The message is verified, and then group key is generated with subsequent key generation at each time slot. Finally, location information and time about vehicles can be used to detect malicious behaviours. Simulation results show that the proposed technique can achieve more packet delivery ratio with reduced delay, overhead, and packet drop.

Published

2016

45. Provably secure group key management scheme based on proxy re-encryption with constant public bulletin size and key derivation time

Author

B. R. Purushothama and Gaurav Pareek

Subjects

021110 strategic, defence & security studies, Multidisciplinary, Computer science, business.industry, 0211 other engineering and technologies, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Binary logarithm, Encryption, Proxy re-encryption, Collusion, 0202 electrical engineering, electronic engineering, information engineering, Key derivation function, business, Proxy (statistics), Group key, Computer network

Abstract

Users share a group key to decrypt encryptions for the group using a group key management scheme. In this paper, we propose a re-encryption-based group key management scheme, which uses a unidirectional proxy re-encryption scheme with special properties to enable group members share the updated group key with minimum storage and computation overhead. In particular, we propose a proxy re-encryption scheme that supports direct re-encryption key derivation using intermediate re-encryption keys. Unlike multi-hop re-encryption, the proposed proxy re-encryption scheme does not involve repeated re-encryption of the message. All the computations are done on the re-encryption key level and only one re-encryption is sufficient for making the group key available to the users. The proposed scheme is the first for group key management based on proxy re-encryption that is secure against collusion. The individual users store just one individual secret key with group key derivation requiring O $$(\log N)$$ computation steps for a group of N users. Size of the public bulletin maintained to facilitate access to the most recent group key for off-line members is O(N) and remains constant with respect to the number of group updates. The proposed group key management scheme confronts attacks by a non-member and even a collusion attack under standard cryptographic assumptions.

Published

2018

46. Cross-cluster asymmetric group key agreement for wireless sensor networks

Author

Zhang Qikun, Liehuang Zhu, Jiamin Zheng, Xiaosong Zhang, Yu-an Tan, and Quanxin Zhang

Subjects

General Computer Science, Computer science, 0202 electrical engineering, electronic engineering, information engineering, Cluster (physics), 020206 networking & telecommunications, 020201 artificial intelligence & image processing, 02 engineering and technology, Topology, Wireless sensor network, Group key

Published

2018

47. A new two-round dynamic authenticated contributory group key agreement protocol using elliptic curve Diffie–Hellman with privacy preserving public key infrastructure

Author

Vankamamidi Srinivasa Naresh and Nistala V. E. S. Murthy

Subjects

TheoryofComputation_MISCELLANEOUS, Key-agreement protocol, Multidisciplinary, business.industry, Computer science, Elliptic curve Diffie–Hellman, MQV, Oakley protocol, Computer security, computer.software_genre, Diffie–Hellman key exchange, Forward secrecy, Station-to-Station protocol, business, computer, Computer network, Group key

Abstract

In this paper a new two-round authenticated contributory group key agreement based on Elliptic Curve Diffie–Hellman protocol with Privacy Preserving Public Key Infrastructure (PP-PKI) is introduced and is extended to a dynamic authenticated contributory group key agreement with join and leave protocols for dynamic groups. The proposed protocol provides such security attributes as forward secrecy, backward secrecy, and defense against man in the middle (MITM) and Unknown key-share security attacks and also authentication along with privacy preserving attributes like anonymity, traceability and unlinkability. In the end, they are compared with other popular Diffie–Hellman and Elliptic Curve Diffie–Hellman based group key agreement protocols and the results are found to be satisfactory.

Published

2015

48. A Time-Bound and Hierarchical Key Management Scheme for Secure Multicast Systems

Author

Wei Chieh Huang and Victor R. L. Shen

Subjects

Secure multicast, Multicast, Computer science, business.industry, Hash function, Key distribution, Access control, Computer security, computer.software_genre, Encryption, Computer Science Applications, Elliptic curve, Security association, Elliptic curve cryptosystem, Electrical and Electronic Engineering, Key management, business, computer, Group key, Computer network

Abstract

In this paper, we have adopted elliptic curve multiplication operation, ID-based character in bilinear pairing, one-way hash function, and time access control to construct a time-bound hierarchical access control and key management scheme for multicast systems. In this scheme, central authority distributes a group key for every security class (SC) and a time-bound secret key for each member of security class. With its time-bound secret key, each member in SC can obtain a group key to decrypt the message and thereof utilize the group key to attain the group keys for successors so as to decrypt their data sets. Considering many common ways of dynamic access control, namely, a new member joining in the security class, an existing member departing from a security class, replacing time-bound key, increasing security class, decreasing security class, replacing group key, adding relationship and deleting relationship among SCs, all of them are explicitly discussed in this paper. In view of the security and performance analyses under many typical attacks, we thereby prove our proposed scheme can prevent malicious attacks effectively with less computation time and more reasonable complexity. In consequence, the proposed scheme offers a secure and hierarchical access control in multicast systems.

Published

2015

49. Provably secure one-round certificateless authenticated group key agreement protocol for secure communications

Author

Abhishek Kumar Singh and Sk Hafizul Islam

Subjects

Provable security, computer.internet_protocol, Computer science, Key distribution, Cryptography, Oakley protocol, Computer security, computer.software_genre, Random oracle, Public-key cryptography, Diffie–Hellman key exchange, Security association, Universal composability, Certificate authority, Session key, Electrical and Electronic Engineering, Key exchange, Group key, Standard model (cryptography), Key-agreement protocol, Authentication, business.industry, Computer security model, Certificate Management Protocol, Computer Science Applications, Authenticated Key Exchange, Group Domain of Interpretation, business, computer, Computer network

Abstract

A novel one-round authenticated group key agreement (CL-AGKA) protocol is devised in this paper on certificateless public key cryptography. Our CL-AGKA protocol abolished the certificate management burden existing in certificate authority-based public key cryptography and the private-key escrow problem occurring in identity-based cryptography. Our CL-AGKA protocol is designed to establish an authenticated group session key between a group participants by ensuring that the session key is not revealed to any outsiders. The proposed CL-AGKA protocol designed a security model in the computational model, called the random oracle model. It is formally examined that our CL-AGKA protocol achieved the strong authenticated key exchange security and thus provably secured in the random oracle model. The security of the designed protocol is achieved against the intractability assumptions of the computational Diffie---Hellman problem and bilinear Diffie---Hellman problem. In addition, the proposed CL-AGKA protocol offered low message exchange cost and computational cost against the related group key agreement protocols.

Published

2015

50. A novel protocol for multiparty quantum key management

Author

Zhao Dou, Yi-Xian Yang, Gang Xu, Zongpeng Li, and Xiu-Bo Chen

Subjects

Key-agreement protocol, Key generation, Computer science, Key distribution, Statistical and Nonlinear Physics, Computer security, computer.software_genre, Theoretical Computer Science, Electronic, Optical and Magnetic Materials, Quantum cryptography, Modeling and Simulation, Signal Processing, Key (cryptography), Pre-shared key, Electrical and Electronic Engineering, Key management, computer, Group key

Abstract

Key management plays a fundamental role in the field of cryptography. In this paper, we propose a novel multiparty quantum key management (QKM) protocol. Departing from single-function quantum cryptography protocols, our protocol has a salient feature in that it accomplishes a complete QKM process. In this process, we can simultaneously realize the functions of key generation, key distribution and key backup by executing the protocol once. Meanwhile, for the first time, we propose the idea of multi-function QKM. Firstly, the secret key is randomly generated by managers via the quantum measurements in $$d$$d-level Bell basis. Then, through entanglement swapping, the secret key is successfully distributed to users. Under circumstances of urgent requirement, all managers can cooperate to recover the users' secret key, but neither of them can recover it unilaterally. Furthermore, this protocol is further generalized into the multi-manager and multi-user QKM scenario. It has clear advantages in the burgeoning area of quantum security group communication. In this system, all group members share the same group key, and group key management is the foundation of secure group communication and hence an important subject of study.

Published

2015