A Manageable Method for Multicast Key Management Protocol
advertisement
International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number2- Dec 2014 A Manageable Method for Multicast Key Management Protocol Pothala Siva Kiran Kumar1, V Sangeeta2 1 1,2 Final M.Tech Student, 2Associate professor Dept of CSE,Pydah College of Engineering and Technology, JNTUK University Abstract: - In multicasting the main role is for group key management. By using inaccurate mathematical computations and un-eligible curve theories or polynomials for generate group keys. By achieving these we introduced a multicast key exchange algorithm that consists of recursive mathematical operations such as chebyshev map theory which is contains recursive and accurate group key generation technique. Index terms: Chebyshev Map Theory, Multicast key,Group Key management I.INTRODUCTION Multicast groupkey[1] can be circulated in reckoning. A typical model where session keys are issued and dispersed by a focal Group controller, as it has considerably less correspondence intricacy contrasted with appropriated key exchange conventions, which is a greatly coveted property in many remote applications. The assets requirement for the grouping controller to disseminate session keys to grouping parts incorporate correspondence, stockpiling, and processing assets. The correspondence unpredictability is generally measured by the quantity of information bits that required being transferred from the group controller to grouping parts to pass on data of session keys and the stockpiling multifaceted nature is measured by the quantity of information bits that the group controller and grouping parts need to store to acquire session keys. Some other also is imperative yet ordinarily under recognized and in the event that it is not overlooked element is the processing many-sided quality and it can measured by the quantity of calculation operations (or the reckoning time on a given registering stage) that the Group Controller and grouping parts need to disperse and concentrate session keys. The issue of how assets can viably be utilized to appropriate session keys is alluded to as the grouping key conveyance issue. For an element multicast bunch, a session key is issued by a Group Controller [1]. Utilizing this session key, the GC is a created secure multicast channel with the approved grouping parts. Each time bunch Memberships change due to the join or leave of some grouping parts, the grouping controller reissues another session key, which is free of all the previous group session keys. This rekeying technique guarantees the protection of the present session and that of the previous sessions and that is the recently ISSN: 2231-5381 joined parts can't recuperate the interchanges of the old sessions and old parts who left the grouping can't get to the current session. Therefore, both the regressive mystery and the forward mystery of grouping correspondence are kept up. Group key management, which is concerned with producing and overhauling mystery keys, is one of the basic advances to secure such grouping correspondences. Key management encourages access control and information classifiedness by guaranteeing that the keys used to encode bunch correspondence are imparted just among authentic grouping parts. Just the honest to goodness bunch parts can get to grouping interchanges. The imparted grouping key can likewise be utilized for verification. At the point when a message is scrambled utilizing the grouping key, the message must be from an authentic grouping part. To diminish the issues the accompanying two security criteria are essential for the grouping key appropriation in secure multicast correspondence. Forward secrecy: In the event that an individual has left a group and withdrew part can't unscramble encoded messages transmitted in the wake of clearing out. Retrogressive mystery: If an individual joins a group and he can't decode scrambled messages transmitted before the joining. The procedure for attaining forward and regressive mystery obliges redistributing the group key. This procedure is called group rekeying. Security requirements of group key management: 1. Forward mystery obliges that clients who left the grouping ought not have entry to any future key. This demonstrates that the part can't unscramble information after it leaves the grouping. It is certain that the forward mystery and a re-key of the grouping with another Traffic Encryption Key after each one leave from the grouping is a definitive arrangement. 2. Retrogressive mystery obliges that another client that joins the session ought not have admittance to http://www.ijettjournal.org Page 113 International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number2- Dec 2014 any old key. This can beyond any doubt that a part can't unscramble information sent before it joins the grouping. To beyond any doubt retrogressive mystery and a re-key of the grouping with another TEK after each one join to the grouping is a definitive arrangement. 3. Agreement flexibility obliges that any set of false clients ought not have the capacity to derive the current activity encryption key. 4. Key autonomy: a convention is said key autonomous if an exposure of a key does not bargain different keys. 5. Insignificant trust: the key management plan ought not place confide in a high number of elements. Something else, the successful sending of the plan would not be simple. II.RELATED WORK In multicast bunch correspondences, a legitimate MKD protocol[3] [4] is needed for producing and dispersing a mystery grouping key that can be utilized to secure (scramble) information sent from one source to all objectives that are part of the same grouping. Since multicast groupings are frequently extremely rapid, because of the join of new parts and the leave of old parts, the MKD needs to handle such grouping participation changes by re-creating and re-circulating new grouping keys. All the more correctly, the grouping key ought to be modified after every join and that is excluded through a suitable rekeying operation and so that a previous grouping part has no right to gain entrance to current interchanges and another part has no right to gain entrance to past correspondences. These prerequisites can be communicated by presenting the ideas of forward mystery and retrogressive mystery. As indicated by the previous, nonmembers ought not have the capacity to acquire the grouping key at any moment built just with respect to the data acquired at or before that moment. A more strict prerequisite, is the idea of regressive mystery, agreeing with the group key at any moment ought not be process able by non-parts considerably after that moment (as it were, the new comers can't process past group keys). Additionally, group correspondence ought to ISSN: 2231-5381 be impervious to conspiracy assaults, in which (past or current) part of the group trade data ''out-of-band'' so as to illegally have admittance to data. Join and leave operations can happen at whatever time (in an offbeat and element design), or on the other hand, they can be synchronized at particular moments (in an opened way). In the second case, various join/leave operations ought to be mutually overseen in the same fleeting space and thus these systems are additionally alluded as ""clump"" strategies. In this work, we concentrate on this sort of instruments, since they altogether diminish the many-sided quality (measured regarding number of traded messages) and they fit well the attributes of reasonable administrations, for example, internet diversion, where the join/leave operations have an everyday or an hourly granularity. The Key Tree Manager [9] is capable to deal with the key tree and to create new gathering keys. It doles out a position to a recently included hub and imprints the keys on the key tree that need to be upgraded. The Key Tree Manager additionally changes the key tree structure focused around the probabilities got from the Request Predictor. It may change the quantity of limbs at the top level of the key tree so as to keep up the ideal key tree structure as indicated by the anticipated probabilities. This can be effortlessly fulfilled by erasing or including one level instantly underneath the top level. The Delay Controller figures and controls the measure of the defenselessness window. By controlling the time postpone, the framework can perform the synchronized key upgrade with variable time periods. The data transmission needed for securing the multicast bunch correspondence can be decreased if the time of the key upgrade can be alertly changed. The Delay Controller sends its processed deferral time to the Key Tree Manager, which will look at if the time is arrived at. Assuming this is the case, the Key Tree Manager will show the overhauled keys to set up the telecast information. The Key Tree supervisor checks the hubs along every way from the new client hub at the leaf to the root. On the off chance that it discovers a hub that is stamped, it will encode the new key put away in this hub by utilizing the keys put away as a part of its youngster hub. III. PROPOSED WORK In our proposed work contains a system for gathering key management and productive correspondence cost in correspondence. It contains a calculation for http://www.ijettjournal.org Page 114 International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number2- Dec 2014 creating keys for part removal and expansion from a gathering. This methodology is purported as rekeying. From secure key era we embrace chebyshev map cycle idea. It is utilized for creating positive keys for clients. There is an impediment in past methodology, for example, the premise of the above calculation is semi-bunch property, which is constantly valid for Chebyshev delineate. On the other hand, we must perceive that, on one hand, Chebyshev guide is characterized over genuine numbers and delicate to introductory conditions. Then again, machine can just do estimated other than exact reckoning. Subsequently, = b × c × an if a; b; c are genuine numbers Multicast key management, which is much not the same as unicast key management, is a standout amongst the most appealing region of cryptography. For unicast application theDiffie-Hellman key exchange convention can be utilized to make a KEK (Key Encryption Key) between two elements. At that point utilize this KEK to dispatch or overhaul a session key. Interestingly, the circumstances is significantly more convoluted for a multicast application. A multicast application should powerfully handle multi-elements. Case in point, in an element multicast bunch, the participation is alterable all the time because of oftentimes clients' expansion and expulsion. So the key materials will most likely be uncovered if no security approaches are embraced. In the previous two decades, analysts have proposed numerous multicast key management plans . These plans can be sorted into three separate sorts: concentrated, decentralized and circulated. A concentrated gathering key management plan includes a Key Server (KS) to produce and appropriate imparted key to all gathering parts by means of a correspondence channel. The decentralized key management separates the entire gathering into littler subgroups. Every subgroup is controlled by a solitary or a few KS. A Distributed plan permits every part to participate in a gathering key era collectively. Each of the three plans has its own particular points of interest and detriments. The incorporated plan is the least complex one yet has the danger of single-pointdisappointment. Decentralized plan includes some correspondence many-sided quality between two parts inside distinctive subgroups. Conveyed plan is some way or another more unpredictable than the other two, however it doesn't include KS. This peculiarity is extremely helpful on account of nobody can assume the part of KS, e.g. a sensor Ad-hoc system application. The objective of the multicast key exchange calculation can be communicated as takes after: By trading messages over untrusted system, multi-elements have the capacity figure the mystery offer key freely. Amid the whole process, nobody is in charge of the key era or dissemination. Our proposed System as shown below F0(x) = 1 mod N F1(x) = x mod N Fn(x) = 2xFn-1(x) –Fn-2(x) mod N Where x is users secret key N is any integer which less 256 and greater than 0 n is number of members in the group ISSN: 2231-5381 http://www.ijettjournal.org Page 115 International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number2- Dec 2014 2. Send master key Network 1. Register 2. Send master key 1.Register Send Initial key Start key generation process Rotates up to no of users cycles User 1 Send second key User 3 Send third key …….n Send nth key The Algorithm is as follows: and sends it to the next. There are some notations such as ‘n’ is number of members in the group. ‘x’ is public key for user. ‘N’ is large prime number. (3) Repeat this until the last member calculates Fn(Fn-1 (· · · Fn-i+1(x))) and sends it to the first member. (1) The first member calculatesF1 (x) and sends it to thesecond member. (2) The second member calculates F2 (x) and sends it tothe third one. (3) Repeat this until the last member calculatesFrn(x) and sendsit to the first member. (1) The first member calculatesFn1 (Frn(x)) and sends it to the second member. (2) The second member calculates F2 (F1 (x)) and sends itto the next. (3) Repeat this until the last member calculatesFrn(Frn-1 (x))and sends it to the first member. Stage i. (1) The first member calculates F1 (Frn(· · · Frn-i+2(x)))and sends it to the second member. (2) The second member calculatesFn2 (Fn1 (· · · Frn-i+3(x))) ISSN: 2231-5381 By n − 1 stages message exchange by any memberand the ith member calculates the group session key by: Fi (Fi-1 (· · · F1(Fn(Fn-1(· · · Fi+1(x))))))which is equal to F12….rn(x) We call calculation a multicast key exchange calculation, yet users may watch that this calculation appears to unicast correspondence. Every hub conveys shared at each one stage. In other way we ought to recognize that this calculation initially is intended for building a multicast session key between gathering parts. After n stages running, all parts have the capacity arrange a session key, which will be utilized as a part of multicast correspondence. This is the reason it is named multicast key exchange calculation. In this we proposed a multicast key exchange protocol, here we illustrate an example. Consider we have three nodes w, y and Z acts as key server. Initially all nodes calculate their individual keys using chebyshev map as shown below. At z node x=2, n=3, N=7 F3(2)=2*2 F3-1(2) - T3-2(2) mod N =26 At w node x=3, n=3, N=4 http://www.ijettjournal.org Page 116 International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number2- Dec 2014 F3(3)=2*3 F3-1(3) - F3-2(3) mod N =99 At y node x=4, n=3, N=4 F3(4)=2*4 F3-1(4) - F3-2(4) mod N =120 After calculating of individual keys all nodes exchange keys in secure channel. Node z Node w Node y zkey zkey wkey wkey Ykey Ykey After sending individual keys, node z contains z*w*y key, node w contains w*y*z key and node y contains y*z*w. It satisfies the main feature association rule. We presented a comparison that shows the complexity of the group generation and the processing time of the process. Table1.The comparisons of key generation in simultaneous join or leave operations are shown below. Join Leave LKH OFT OKD CKCS Proposed m log2 n m log2 n m log2 n m+1 O(2n(n − 1)) m log2 n m log2 n m log2 n 1 O(2n(n − 1)) Processing time Protocols 1200 1000 800 600 400 200 0 LKH OFT OKD CKCSS Proposed Simultaneous users In this paper we have focused on the field of multicast key trade, which is an appealing sub-field of cryptography. We profoundly dissect the multicast key management plans proposed in and hence make sense of the lethal confinements. That is, because of the creators' wrong suspicions, the three calculations are not commonsense whatsoever. Notwithstanding, edified by those written works, we propose an alternate calculation focused around the stretched out Chebyshev polynomial to attain multicast key trade. Accuracy and security examination demonstrate that this new calculation is sensible and down to earth. REFERENCES [1] Sanjoy Paul. Multicasting on the Internet and Its Applications.Kluwer Academic Publishers, Norwell, MA, USA, 1998. [2] M. Park, Y. Park, H. Jeong, and S. Seo. Secure multiple multicastservices in wireless networks. Mobile Computing, IEEE Transactionson, PP(99):1, 2012. [3] H. Harney and C. Muckenhirn.Group key management protocol(gkmp) protocol specification, 1997. [4] H. Harney and C. Muckenhirn.Group key management protocol(gkmp) architecture, 1997. [5] Jack Snoeyink, SubhashSuri, and George Varghese.A lowerbound for multicast key distribution.Comput.Netw., 47(3):429–441, February 2005. [6] Min-Ho Park, Young-Hoon Park, and Seung-Woo Seo. A cellbaseddecentralized key management scheme for secure multicastin mobile cellular networks. In Vehicular Technology Conference(VTC 2010-Spring), 2010 IEEE 71st, pages 1 –6, may 2010. [7] Jen-Chiun Lin, Feipei Lai, and Hung-Chang Lee. Efficient groupkey management protocol with one-way key derivation. In Proceedings of the The IEEE Conference on Local Computer Networks30th Anniversary, LCN ’05, pages 336–343, Washington, DC, USA,2005. IEEE Computer Society. [8] Wen Tao Zhu. Optimizing the tree structure in secure multicastkey management. Communications Letters, IEEE, 9(5):477 – 479,may 2005. [9] Jun Sik Lee, JuHyung Son, Young Hoon Park, and Seung WooSeo. Optimal level-homogeneous tree structure for logical keyhierarchy.In Communication Systems Software and Middleware andWorkshops, 2008.COMSWARE 2008. 3rd International Conference on,pages 677 –681, jan. 2008. [10] Chung Kei Wong, Mohamed Gouda, and Simon S. Lam. Securegroup communications using key graphs. IEEE/ACM Trans. Netw.,8(1):16–30, February 2000. [11] SandroRafaeli and David Hutchison.A survey of key managementfor secure group communication.ACM Comput.Surv., In our protocol maximum all computations very low. IV. CONCLUSION ISSN: 2231-5381 http://www.ijettjournal.org Page 117 International Journal of Engineering Trends and Technology (IJETT) – Volume 18 Number2- Dec 2014 BIOGRAPHIES Pothala Siva Kiran Kumar completed MSC in M.S.R.S.Siddhartha P.G College,Sivapuram Junction, Visakhapatnam. He pursuing M.Tech in Department of CSE in Pydah College of Engineering and Technology, JNTUK University. His interesting areas are data mining network security. ISSN: 2231-5381 V Sangeeta completed her M.Tech in Andhra University, Visakhapatnam in year 2006.She is currently working as an Associate professor and Head of the Department of Computer Science and Engineering at Pydah College of Engineering and Technology, JNTUK University. She is pursuing her Ph.D degree in computer science at Andhra University. Her research focus on Data Mining and Warehousing . http://www.ijettjournal.org Page 118
