Trust based Clustering for Group Key Management
Hamida SEBA
Graphs, Algorithms and Applications
Laboratoire d'InfoRmatique en Image et Systèmes d'information
LIRIS UMR 5205 CNRS/INSA de Lyon/Université Claude Bernard Lyon 1/Université Lumière Lyon 2/Ecole Centrale de Lyon
http://liris.cnrs.fr

In this talk:
• Group based applications
• Security of Group communication
• Group key management
• Trust based clustering for group key management

Group based applications
Process:
• Web service
• Agent
• End user application
• Etc.
Applications:
• Teleconferencing
• Distributed interactive simulation
• Collaborative work
• E-learning
• Replicated databases
• Etc.

Security of Group Communication
• Confidentiality
• Authentication
• Prevention
• Integrity
• Non-repudiation

Confidentiality - Key Management
Solution = Encryption
Symmetric key: shared between the sender and the receivers. This key is called the group key.
Main issue: how to compute and distribute keys?

GROUP KEY MANAGEMENT
GROUP KEY: a secret quantity known only to current group members
• A new group member cannot read data exchanged before he joins the group. BACKWARD SECRECY: any subset of group keys cannot be used to discover previous group keys.
• An excluded member cannot read data exchanged after he leaves the group. FORWARD SECRECY: any subset of group keys cannot be used to discover subsequent keys.
THE GROUP KEY MANAGEMENT PROTOCOL MUST UPDATE THE GROUP KEY (REKEY)

MODELS OF GROUP KEYS (1)
GROUP KEY DISTRIBUTION
One party generates a secret key and distributes it to others
• Pairwise model
• Hierarchical model (tree of members or third parties)
[Figure legend: Group member; Key node; No key generation; Does key generation]

MODELS OF GROUP KEYS (2)
GROUP KEY AGREEMENT
Secret key is derived jointly by two or more parties
• Key is a function of information contributed by each member
• No party can pre-determine the result
• Distributed tree of keys (maintained by each member)
• No pre-determined structure
[Figure legend: Group member; Does key generation; Key node]

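Group Key computation: an example
Protocol of Perrig et al., 2000
[Figure: binary key tree. Leaves: members M1, M2, M3, M4 with values N1, N2, N3, N4 and labels bN1, bN2, bN3, bN4; internal nodes k_{1,2} and k_{3,4} with labels bk_{1,2} and bk_{3,4}; root: the key.]
$bN_i = g^{N_i} \bmod p$
$k_{1,2} = g^{N_1 N_2} \bmod p$
$k_{3,4} = g^{N_3 N_4} \bmod p$
$\text{key} = g^{\,g^{N_1 N_2}\, g^{N_3 N_4}} \bmod p$
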
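The four-member computation on this slide, as an added Python example that is not part of the talk. It assumes each subtree publishes bk = g^k mod p, and it uses a toy prime P and generator G chosen only for illustration; the function names are hypothetical.

```python
# Added illustration of the four-member key tree; not code from the talk.
# P and G are toy parameters chosen for this example, not a vetted DH group.
P = 2**127 - 1  # a Mersenne prime
G = 3


def blind(value):
    """Public value for a secret or a subtree key: g^value mod p."""
    return pow(G, value, P)


def combine(own, sibling_blinded):
    """Diffie-Hellman step: (g^sibling)^own mod p."""
    return pow(sibling_blinded, own, P)


def derive_all(secrets_n):
    """Return the group key as derived by M1..M4 from secrets [N1, N2, N3, N4].

    Each member uses only its own N_i plus published blinded values.
    """
    n1, n2, n3, n4 = secrets_n
    bn = [blind(n) for n in secrets_n]       # bN_i = g^{N_i} mod p

    # Subtree keys: k_{1,2} = g^{N1 N2} mod p, k_{3,4} = g^{N3 N4} mod p.
    k12 = {1: combine(n1, bn[1]), 2: combine(n2, bn[0])}
    k34 = {3: combine(n3, bn[3]), 4: combine(n4, bn[2])}

    # Assumption: bk = g^k mod p is what each subtree publishes.
    bk12, bk34 = blind(k12[1]), blind(k34[3])

    return {
        1: combine(k12[1], bk34),
        2: combine(k12[2], bk34),
        3: combine(k34[3], bk12),
        4: combine(k34[4], bk12),
    }


def closed_form(secrets_n):
    """key = g^(g^{N1 N2} * g^{N3 N4}) mod p, computed with all secrets known."""
    n1, n2, n3, n4 = secrets_n
    return pow(G, pow(G, n1 * n2, P) * pow(G, n3 * n4, P), P)


if __name__ == "__main__":
    sample = [0x1A2B3C, 0x4D5E6F, 0x708192, 0xA3B4C5]  # constructed secrets
    keys = derive_all(sample)
    assert len(set(keys.values())) == 1 and keys[1] == closed_form(sample)
    print(f"all four members agree: {keys[1]:#x}")
```

No member ever sees another member's N_i: M1 needs only N1, bN2 and bk_{3,4}, which is why a membership change can be handled by refreshing one contribution and republishing the blinded values on its path to the root.
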
MODELS OF GROUP KEYS (3)
Hybrid Solutions
Cluster based: Key Agreement, Key Distribution
• How to construct/maintain clusters?
• How to compute inter-cluster keys and intra-cluster keys?
• How about a security based clustering?
[Figure legend: Group member; Does key generation; Simple node]

Trust-based Clustering
Know each other:
• Establish trust/distrust relations
• Log and analyze interactions
• Give scores: good interaction, bad interaction
Application dependent
Peer to peer network:
• Nodes: promiscuous mode
• Forward packet: +
• Black hole attack: -
• Recommendations, etc.

Trust-based Clustering
Two trust thresholds: $S_{max}$ and $S_{min}$
[Figure: node i and its neighbours j, k, l, with directed edges labelled tv(i,j), tv(j,i), tv(i,k), tv(k,i), tv(i,l), tv(l,i); a scale of trust values with $S_{min}$ and $S_{max}$ marked]
Total trust (TT)
• $tv(i,j) \in [S_{max}, 1]$ and $tv(j,i) \in [S_{max}, 1]$
Partial Trust (PT)
• $tv(i,j) \in [S_{max}, 1]$ and $tv(j,i) \in [S_{min}, S_{max}]$
• $tv(i,j) \in [S_{min}, S_{max}]$ and $tv(j,i) \in [S_{max}, 1]$
• $tv(i,j)$ and $tv(j,i) \in [S_{min}, S_{max}]$
Distrust (DT)
• $tv(i,j)$ and $tv(j,i) \in [-1, S_{min}]$

Trust-based Clustering
Two trust thresholds: $S_{max}$ and $S_{min}$
[Figure: the graph on nodes i, j, k, l with its edges labelled TT, DT and PT]
Total trust (TT)
• $tv(i,j) \in [S_{max}, 1]$ and $tv(j,i) \in [S_{max}, 1]$
Partial Trust (PT)
• $tv(i,j) \in [S_{max}, 1]$ and $tv(j,i) \in [S_{min}, S_{max}]$
• $tv(i,j) \in [S_{min}, S_{max}]$ and $tv(j,i) \in [S_{max}, 1]$
• $tv(i,j)$ and $tv(j,i) \in [S_{min}, S_{max}]$
Distrust (DT)
• $tv(i,j)$ and $tv(j,i) \in [-1, S_{min}]$

Trust-based Clustering
[Figure labels: Distrusted node; Cluster periphery (key distribution zone); Cluster core (TT) (key agreement zone)]
Clusterheads: max number of TT relations
Self-stabilizing algorithm:
• Adaptive
• Self-maintaining

Example
[Figure: example graph whose nodes carry the labels 1, 2 and 3]