Journal of KIISE:Information Networking (한국정보과학회논문지:정보통신)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지

Decentralized Group Key Management for Untrusted Dynamic Networks

신뢰할 수 없는 동적 네트워크 환경을 위한 비중앙화 그룹키 관리 기법

  • 허준범 (한국과학기술원 전산학과) ;
  • 윤현수 (한국과학기술원 전산학과)
  • Published : 2009.08.15
Download PDF
⟨ Previous Next ⟩

Abstract

Decentralized group key management mechanisms offer beneficial solutions to enhance the scalability and reliability of a secure multicast framework by confining the impact of a membership change in a local area. However, many of the previous decentralized solutions reveal the plaintext to the intermediate relaying proxies, or require the key distribution center to coordinate secure group communications between subgroups. In this study, we propose a decentralized group key management scheme that features a mechanism allowing a service provider to deliver the group key to valid members in a distributed manner using the proxy cryptography. In the proposed scheme, the key distribution center is eliminated while data confidentiality of the transmitted message is provided during the message delivery process. The proposed scheme can support a secure group communication in dynamic network environments where there is no trusted central controller for the whole network and the network topology changes frequently.

비중앙화(decentralized) 그룹키 관리 알고리즘은 그룹 멤버의 변화에 대한 영향을 지역적인곳으로 한정시킴으로서 안전한 멀티캐스트 네트워크 구조의 확장성(scalability)과 안정성(reliability)을 향상시킬 수 있다. 그러나 기존의 비중앙화 그룹키 관리 기법들에서는 멀티캐스트 과정에서 중간의 중계노드들이 멀티캐스트 데이터의 평문 정보를 복호화함으로써 그룹 통신의 비밀성이 보장되지 않거나, 하위 그룹간의 안전한 통신을 위해서 외부의 중앙화된 그룹키 분배 센터가 필요했다. 본 연구에서 제안하는 그룹키 관리 방식에서는 서비스 제공자가 대리 암호(proxy encryption)를 이용하여 그룹키를 분산화(distributed) 방식으로 합법적인 그룹 멤버에게만 분배한다. 따라서 멀티캐스트 데이터를 전송하는 과정에서 데이터의 비밀성을 보장하는 안전한 통신을 가능케 함과 동시에 중앙화된 그룹키 분배 센터에 대한 필요성을 제거시킬 수 있다. 제안하는 그룹키 관리 기법은 중앙화된 네트워크 관리자가 없이 네트워크의 구조가 빈번히 변화하는 신뢰할 수 없는 동적인 네트워크 환경에서도 안전한 그룹통신을 효과적으로 보장할 수 있다.

Keywords

References

  1. S. Rafaeli, D. Hutchison, "A Survey of Key Management for Secure Group Communication," ACM Computing Surveys, vol.35, no.3, pp.309-329, 2003 https://doi.org/10.1145/937503.937506
  2. I. F. Akyildiz, X. Wang, W. Wang, "Wireless Mesh Networks: A Survey, Computer Networks," vol.47, pp.445~487, 2005 https://doi.org/10.1016/j.comnet.2004.12.001
  3. C. K. Wong, M. G. Gouda, and S. S. Lam, "Secure Group Communications Using Key Graphs," ACM SIGCOMM, pp.68-79, 1998
  4. D. A. McGrew and A. T. Sherman, "Key Establishment in Large Dynamic Groups Using Oneway Function Trees," Tech. Rep. 0755, TIS Labs at Network Associates, Inc., Glenwood, Md
  5. R Canetti, J. Garay, G. Itkis, D. Miccianancio, M. Naor, and B. Pinkas, "Multicast security: A taxonomy and some efficient constructions," Proceedings of IEEE INFOCOM 1999, pp.708-716
  6. A. Perrig, D. Song, and J. D. Tygar. "ELK, a New Protocol for Efficient Large-Group Key Distribution," Proceedings of IEEE Symposium on Security and Privacy, pp.247-262, 2001
  7. S. Mittra, "Iolus: A Framework for Scalable Secure Multicasting," Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pp.277-288, 1997
  8. R. Molva, A. Pannetrat, "Scalable Multicast Scemity in Dynamic Groups," Proceedings of the 6th ACM Conference on Computer and Communications Security (ACM CCS), pp.101-112, 1999
  9. M. Steiner, G. Tsudik, M. Waidner, "Diffie-Hellman Key Distribution Extended to Group Communication," Proceedings of the 3rd ACM Conference on Computer and Communications Security (ACM CCS), pp.31-37, 1996
  10. A. Ivan, Y. Dodis, "Proxy Cryptography Revisited," Proceedings of the Tenth Network and Distributed System Security Symposium, 2003
  11. Y. Chiu, C. Lei, C. Huang, "Secure Multicast Using Proxy Encryption," Proceedings of International Conference on Information and Communications Security, ICIGS 2005, Lecture Notes in Computer Science 3783, pp.280-290, 2005
  12. D. Boneh, M. Franklin, "Identity-Based Encryption from the Weil Pairing," Proceedings of Crypto 2001, Lecture Notes in Computer Science 2139, pp. 213-229, 2001 https://doi.org/10.1007/3-540-44647-8_13
  13. C. Huang, Y. Chiu, K. Chen, C. Lei, "Secure Multicast in Dynamic Environments," Computer Networks, vol.51, pp.2805-2817, 2007 https://doi.org/10.1016/j.comnet.2006.11.027
  14. L. Dondeti, S. Mukherjee, A. Samal, "Scalable Secure One-to-many Group Communication Using Dual Encryption," Computer Communication, vol. 23, pp.1681-1701, 1999 https://doi.org/10.1016/S0140-3664(00)00255-3
  15. R. Cramer, V. Shoup, "Secure Hybrid Encryption from Weakened Key Encapsulation," Proceedings of Crypto, pp.553-571, 2007
  16. Y. Tsiounis, M. Yung, "On the Security of ElGamal Based Encryption," Proceedings of the 1st International Workshop on Practice and Theory in Public Key Cryptography, PKC'98, Lecture Notes in Computer Science 1431, pp.117-134, 1998 https://doi.org/10.1007/BFb0054019
  17. D. R. Stinson, Cryptography Theory and Practice (third edition), Chapman & Hall/CRC, 2006
  18. T. M. Cover, J. A. Thomas, Elements of Information Theory (second edition), Wiley, 2006