Key Management Techniques
for Group Communications in MANETs
Maria Striki, John S. Baras
Original 2d-Octopus (O): Breaks a Large Group into 2d Smaller Subgroups,
Requires Three Steps:
1. Subgroup Key Establishment by means of a Centralized Scheme
2. Group Key Establishment from Partial Subgroup Keys via Hypercube
3. Each Subgroup Leader Communicates Group Key to All its Members
Key
Entity
Generation Authentication
Key
Distribution
Steady State
Operations
MAC
address
16
2
?
Discover members
w12,16
9
w35
w45
5
w56
w49
9
10
5
6
8
w67
w9,10
sec ret
n 1: g
30
00
0
30
00
0
26
00
0
22
00
0
18
00
0
14
00
0
20
00
30
00
0
26
00
0
18
00
0
2
M3
M2
M1
n3: gn1 n2 n3,
gn1 n2,gn1 n3,gn2 n3
secret
nN
1..
nN
GDH.2
:g
,.., +
GKMP
n
g
+
g
H
TGDH +
P4
N -1 ,
n1
MN
14 w14,15
Original Octopus P5
GSC
,
,..
g
n2..n
nN-1
10
P6
P1
et N-1 +1…
secr ..ni-1 ni
n1
Group Key: gn1…nN
nN-1
n1…
A
111
G
110
100
E
F
8
101
=
B
C
D
P2
z’=az
011 D
z=ar1 r2
M3
M1
ƒSteady State Operations: Re-Keying, Re-authentication, Privileges Update/
26
00
0
22
00
0
18
00
0
14
00
0
60
00
00
10
00
0
0
20
00
0
0
00
00
26
30
0
0
00
22
0
00
14
00
0
10
00
0
60
00
22
00
0
Group Size (n)
Group Size (n)
x’=ar1 y’=ar2
x
y
M2
w’=ar3
w
C
v’=ar4
v
A
M5
M6
p’=ar5 q’=ar6
p
q
000
B
Hypercube
P7
P3
010
M4
001
Octopus – Based
protocols: MO, MOT
Step
StepII:
II:Comparative
ComparativePerformance
PerformanceEvaluation
Evaluationof
ofKey
KeyGeneration
Generation
with
withEntity
EntityAuthentication
Authenticationincorporation
incorporationfor
forprotocols
protocolsOFT,
OFT,MO,
MO,
MOT
MOT&
&original
originalOctopus
Octopus
Revocation
Focus on the Design of Suitable for MANETs Techniques for Group
Formation and Steady State Operations. Emphasis on Incorporation of
Entity Authentication to Key Generation/ Distribution
Table 1: Evaluation and Comparison of Octopus based protocols: (O), (MO) and (MOT)
Motivation
Example
ExampleII(on-line
(on-lineTrusted
TrustedEntities
Entitiesvs.
vs.off-line
off-lineTrusted
TrustedEntities)
Entities)
Wire-line
MANETs
ƒTrusted Entities are not available at all times
because:
ƒStable infrastructure
ƒNot stable infrastructure
ƒInfinite power
ƒDynamic changes in the network
ƒTwo unknown nodes can trust each
other anytime through Trusted
Entities
(OFT)
1.00E+10
Figure 3: OFT is by far the worst. MOT has the best Figure 4: (O) is by far the worst. MOT is the winner
performance as far as Initial Comm/tion, then MO for addition computation, MO and OFT behave
similarly. Same graph for deletion when d=4
secret n : gn1 , gn2 , gn1 n2
n1
Entity Authentication
ƒEffects:
(MOT)
(OFT)
w68
6
(MO)
1.00E+13
1.00E+12
ƒGroup Formation Operations: Bootstrapping, Key Generation-Distribution,
because:
18
(MOT)
:g
7
ƒ On-line and known Trusted Entities
14
(MO)
t n N ni+
cre ni- 1
..
se
7
MAC
address Squad 054
(O)
(O)
1.00E+13
w9,11
3
3
Build Group
w11,14
Overall GSCs Addition Computation vs. Group Size, d=4
(log. Scale)
1.00E+14
w13,14
11
(OFT)
1.00E+16
1.00E+15
w11,12
4
(MOT)
Group Size (n)
1.00E+16
13
w4,16
w23
14
11
4
Authenticate
16
2 w2,16
12
15
Squad054
certificate
CA2
w12
13
1
(MO)
Figure 2: MO & (O) are by far the worst. MOT
reduces overhead to almost half in regard to OFT
Overall GSCs Initiall Computation vs. Group Size, d=6 (log.
Scale)
..
n2
w12,13
12
(O)
G r o u p S iz e ( n )
Figure 1: MO is by far the worst. MOT along with
(O) are the winners, followed closely by OFT
w13,17
17
w16,17
1
17
1 .0 0 E+0 6
20
00
ƒFlexibility: Select Key Generation/Distribution Subgroup Protocols Freely
ƒIndependence of Subgroups: Different Key Generation Protocols May Be
Applied to Each Subgroup
ƒLocalization: Subgroups Deployed in a Relatively Restricted Network Area
ƒAdaptability: No Restrictions on Subgroup Size subject to Network Topology
ƒEfficiency: Less Comm/tion OH & Bandwidth Consumption per Subgroup
ƒRobustness: Faulty Subgroup Leaders Tolerated or Replaced Dynamically
Leader
Election
certificate
1 .0 0 E+0 7
Advantages
Advantages
Problem Specification: Roadmap for Group & Key Establishment &
for Group Security Maintenance in a MANET
CA1
( O FT)
1.00E+17
Key Management
Bootstrapping
( M O T)
10
00
0
Application:
Secure the
WEP of MAC
for MAN ETs
(MO)
60
00
ƒRobust: handles the dynamics of the network
ƒScalable: handles successfully a large number of nodes
(O)
1 .0 0 E+0 8
00
Storage, Delay Costs) low as possible
9.00E+06
8.00E+06
7.00E+06
6.00E+06
5.00E+06
4.00E+06
3.00E+06
2.00E+06
1.00E+06
1.00E+03
1 .0 0 E+0 9
00
ƒEfficient: overhead caused by security (Comm/tion, Computation,
ƒ GDH.2 based 2d-Octopus (MO): Maintains 2nd Step Intact, Substitutes the
Centralized Scheme of the 1st & 3d Step with GDH.2. The Mn Member of GDH.2
becomes Subgroup Leader for MO
a ab"z = a N
Subgroup Key Becomes:
ƒ TGDH based 2d-Octopus (MOT): Maintains 2nd Step Intact, Substitutes the
Centralized Scheme of the 1st & 3d Step with TGDH. The sponsor of TGDH
becomes Subgroup Leader for MOT
Subgroup Key Becomes: a x y = a N
00
recipients, and only they must “read” it)
Addition Communication vs. Group Size , d=3
1 .0 0 E+1 0
60
ƒSecure: enables/protects data exchange (it reaches all intended
Generation
Generationfor
forprotocols
protocolsOFT,
OFT,MO,
MO,MOT
MOT&
&original
originalOctopus
Octopus
I n it i a l C o m m u n ic a t io n v s . G r o u p S iz e , d =6 ( lo g . S c a le )
20
Management Schemes in MANETs, for Secure Group Comm/tions
Application:
Secure Routing
for MAN ETs
Step
StepI:I:Comparative
ComparativePerformance
PerformanceEvaluation
Evaluationof
ofKey
Key
10
ƒObjective: Construct Secure, Efficient, Robust & Scalable Key
Secure, efficient, scalable Group
Communications for MANETs
Results
Key
KeyGeneration-Distribution
Generation-DistributionApproach:
Approach:Octopus
OctopusBased
BasedProtocols
Protocols
Problem Specification
ƒEffects
ƒUnknown nodes do not have access on
demand to Trusted Entities
ƒEstablishment of trust between them is a
difficult task
Entity
EntityAuthentication
AuthenticationApproaches
Approachesfor
forMANETs
MANETs
ƒModification of Lamport Hash for Entity Authentication/Re-Authentication
Original Lamport: Simple Password Protocol for Wire-Line Network, Prevents
Eavesdropping, Impersonation, Replay Attacks. No Mutual Authentication
Our Modification: Suitable in MANETs, Eliminate Man-In-the-Middle Attack:
STEP 1: Authenticated DH key Exchange at Bootstrapping, Obtain Secret
Key, use it to Exchange Initial Quantities <n,xn>.
STEP K (>1): Apply Original Lamport
ƒModified Merkle Trees (MMT) for (Re)Authentication, Privileges Update/
Revocation
Assumption: Hierarchical Structure. Group Divided to Subgroups. MMT
Applied per Subgroup and a per Subgroup CA Generated
How it works: Member i Creates Secret Share mi from 2-Party DH Exchange
with Leader. Leader Hashes these Values, and Sends Back to Node logN Values
Figure1: Initial Communication vs. Group size, d=6
for authenticated O and MOT, compared to OFT.
O and MOT achieve almost the same lowest cost
Figure2: GSC comp. cost of authenticated
(O), MOT, O. Despite the two added
services, MOT still performs best
CONCLUSIONS
CONCLUSIONS––FUTURE
FUTURE WORK
WORK
ƒContinue Design & Develop Efficient, Robust & Scalable Algorithms
for Key Generation-Distribution, Entity Authentication, Steady State
Operations of Key Management (KM)
ƒDevelop Analytical Mobility Models from Realistic Mobility Patterns,
Incorporate them in KM, Evaluate Effect of Mobility on KM Schemes
ƒImplementation of KM in Linux Platforms, to be Tested Over AODV