Performance Optimization of Region-Based
Group Key Management in Mobile Ad Hoc
Networks
- Presentation by Scott Stewart, Arun Sudhir, and Morgan Yeh -
Authors include Jin-Hee Cho,
Ing-Ray Chen, Ding-Chau Wang
1
Overview
Introduction
 Related Work and Information
 Terminology and Background
 Performance Model and Analysis
 Example at Work
 Summary and Conclusion

2
Introduction

Security
 Information
transfer
 Node integrity

Communications
 Node

interactions
Wireless / Mobile
 Reliability
Introduction

PKI – Public Key Infrastructure


Confidentiality
Integrity



Authentication (not authorization)
Non-repudiation


Message integrity
The ability to prevent a user from refuting their self-identity or
transaction
Rekeying

To change the value of a cryptographic key that is being used in
an application of a cryptographic system
Introduction

Mobile Ad Hoc Network (MANET)
 Rapidly
deployable, but …
 Constrained resources (CPU, memory,
battery, bandwidth)
 Unreliable communication
 Frequent network topology changes due to
node mobility
Introduction

Group key
 group

members share a secret key
Backward secrecy
 Group
key rekeyed
 New members cannot decrypt previous messages

Forward secrecy
 Group
key rekeyed
 Members leaving cannot decrypt future
communications
Introduction

Group key management protocol
 An
algorithm that deals with the distribution,
updating, and revocation of group keys
 Some sort of certificate management system

Problem
 Many
existing group key management
protocols do not consider node mobility
Introduction

Proposal
 Region-based group key
 Decentralized control



management protocol
reduce group key management overhead
Make protocol scalable to large number of nodes in a group
Focus
 Security
for mobility-induced events (group
partitioning/merging)
 Optimal setting to maximize performance of system
 Show that region-based outperforms non-regionbased protocols
Related Work and Information

Group key management
 Centralized


Uses key controller for key management tasks
Not suitable for MANETs
 Decentralized

Divides a group into subgroups
 Distributed


No group key controller for group key management
Contributory group key generation by all members
Related Work and Information

IGKMP (Hardjono et al. and Zhang et al.)



HYDRA (Rafaeli et al.)



Intra-domain Group Key Management Protocol
Suitable for wired networks, not MANETs
Decentralized
Based on use of multiple groups controllers in a region
DEP (Dondeti et al.)



Dual Encryption Protocol
Decentralized
Multiple subgroup controllers
Related Work and Information

Existing works
 Considers
hierarchical clustering for grouping nodes
into clusters


Scalability
Efficiency
 Two-layer
hierarchical key management structure
(Rhee et al.)


Secure communications, used by UAVs
Many other researches, but many lack
maximized system performance identifiers and
proofs
Related Work and Information

Assumptions
 Nodes
are equipped with GPS
 Nodes self-organize and group themselves into
region-based subgroups


Saves energy by avoiding executing clustering algorithms
Derivation
 Based
off of IGKMP
 Adopt distributed key management within each region

Robustness, avoid singling out a particular node to act as key
controller
Related Work and Information

Distributed key management research

GDH


Octopus (Becker and Wille)


Distributed LKH
DOFT


Logical Key Hierarchy
DLKH (Rodeh et al.)


Based on DH (Diffie-Hellman) key exchange protocol
LKH


Group Diffie-Hellman
Distributed One-way Function Tree
Many known research incur high communication overheads
Related Work and Information

Goals
 Robustness
without sacrificing efficiency
 Utilize any known distributed key management
schemes
 Identify the optimal region size to minimize network
traffic incurred by key management operations and
mobility-induced events in MANETs

Optimal region size determined by GDH
 To
be shown …
Terminology and Background
Terminology and Background








KG
KRL
KRi
RVi
LV
GV
RLi
RMi,j
Group key
Leader key
Regional key in region i
Regional view in region i
Leader view
Group view
A leader in region i
A member j in region i
Terminology and Background
Terminology and Background
Bootstrapping
 Key management
 View management
 Rekeying protocol

Terminology and Background









Group member join
Group member leave
Group member leave by a leader member
Boundary crossing by a non-leader member
Boundary crossing by a leader member
Group member disconnection and reconnection
Leader election
Group partition
Group merge
Terminology and Background
Terminology and Background

System model







Nodes are randomly
distributed according to a
homogeneous spatial Poisson
process
Density = λ p
Operational area = A = Π r ^ 2
Average number of nodes = N
= ( λp)A
Rate of joining a group = λ
Rate of leaving a group = μ
Probabilities


Node in any group = λ / (λ+μ)
Node not in any group = μ /
(λ+μ)
Terminology and Background

System model
 R(n)
= 3n^2 + 3n + 1
 n = 3, 37 regions
 n = 2, 19 regions
 n = 1, 7 regions
 Total number of
regional boundary
edges = 6*R(n)
 Total number of
outward boundary
edges = 12n+6
Terminology and Background

System model
 Mobility
rate of a
node, where
there is only one
region = σ
 σn = (2n + 1) σ
PRM (n)
Terminology and Background

Security model
 Secrecy
(non-repudiation), confidentiality,
integrity, and authentication
 Group key secrecy
 Forward/backward secrecy
 Key independence
Terminology and Background

Attack model
 Unauthorized
access to legitimate account
 Modify a data package to break data integrity
 Impersonating a group member
 Forge packets
Performance Model and
Analysis
Developed to evaluate network traffic cost
 Goal is to identify optimal region size
minimizing network traffic
 Derive a formula given a set of basic
parameter values
 Cost metric is total network traffic per time
unit

Performance Model and Analysis Total network traffic per time unit


Incurred in response to group key management events
Group merge/partition cost – Cost per time unit for dealing with
group partitioning and merging events




Regional mobility cost – Network response to mobility-induced
regional boundary crossing events
Group join/leave cost – Cost for handling group join or leave events


Re-keying the group key
Updating the group view
Includes cost caused by connection/disconnection events by group
members
Periodic Beaconing Cost – Maintaining view consistency by all
members through periodic beaconing

“I am alive”, “I-am-a-new-leader”
Performance Model and Analysis - State




Magnitude of cost depends on number of groups
Find average cost for the system in steady-state
probabilities for number of groups
Birth-death process used
Each state i represents i partitioned groups with
merging and partitioning rates
Cost for group merging and partitioning Ĉmp,i
Cost for group partition - Ĉpartition,i

Product of group-partitioning rate (λnp,i) and cost per
group partitioning event (Cnp,i)

Cnp,i covers 4 costs – Defined later





Cintra is cost for intra-region re-key & view update (explained later)
Cinter,i is cost for inter-region re-key & leader view update (later)
Cgroup,i is cost for group re-key and group view update (later)
is cost for a leader to change groups
is number of partitioned regions; r is radius of area;
s is radius of region
Cost for group merge - Ĉmerge,i

Product of group-merging rate (μnm,i) and cost per group
merging event (Cnm,i)

Cnm,i covers same 4 costs as Cnp,i



Only pertains to single merged group
is number of merged regions, similar to
Final equation for group merge/partition
Cost for regional boundary crossing - Ĉmobility,i

Traffic cost per time unit due to a regional boundary event
while the system has i groups

Two factors: Leader & Non-Leader Mobility
 Λm
is the aggregate regional mobility by nodes in the
system, given by σn × N
Cost for non-leader regional boundary
crossing 
Pnonleader is probability of a node being non-leader


Pnonleader = (N – Nleader)/N

N is total number of nodes in system

Nleader is total number of leaders in system
Cintra is cost for intra-region re-key & view update

is cost for updating a regional view

is cost for re-keying a regional key

Hregion is number of hops within a region;
s is radius of region; R is wireless per-hop
radio range
Cost for leader regional boundary crossing

Pleader is probability of a node being leader


Pleader = R(n)/N

R(n) is the total number of regions in the system

N is total number of nodes in system
Cinter,i is cost for inter-region communications

is cost for updating the leader view in a group

is cost for re-keying the leader key in a group

Hleader,i is number of hops among leaders

Radius of group approximated by r/√i
Cost for leader regional boundary crossing
Composed of four costs


Outgoing leader broadcasts two intent-to-leave messages to
regional members and other leaders

Incoming leader broadcast two “I-am-a-new-leader” messages to
its regional members and other leaders

Final equation for cost of regional boundary crossing
Cost for group join/leave - Ĉjoin/leave,i

Ĉjoin/leave,i = ΛJ × Cjoin,i + ΛL × Cleave,i
 Cjoin,i is
group join cost for i groups
 Cleave,i is
 ΛJ
group leave cost for i groups
and ΛL aggregate join/leave rates
Cost for group join - Ĉjoin,i

Regional update and group update

Ĉjoin,i = Cintra + Cgroup,i





Cintra is cost for intra-region re-key & view update
is number of bits required in a broadcast messages for
updating the group view for the leaders
is number of bits for updating the group view for
members in a region
is number of bits for re-keying the group key for
members in a region
Nregion, i is the number of regions in a group: R(n)/i
Cost for group leave - Ĉleave,i

Non-member leave and member-leave
 Pleader
& Pnon-leader are probabilities of a node being a leader
or non-leader
 Cintra is cost for intra-region re-key & view update
 Cinter,i is cost for inter-region re-key & leader view update
is cost for a leader to change groups

Cost for beaconing - Ĉbeacon,i


Includes cost in two levels

Intra-regional among region members for region view

Inter-regional among leaders for leader view
Ĉbeacon,i = [ΛRB × Malive × Hregion] + [ΛLB × Malive × Hleader,i]

Malive is number of bits in beacon message

Hregion is number of hops between a regional leader and a regional
member

Hleader,i is number of hops among leaders in a group when there are
i groups
Cost for beaconing - Ĉbeacon,i

Ĉbeacon,i = [ΛRB × Malive × Hregion] + [ΛLB × Malive × Hleader,i]
 ΛRB
is overall beacon rate in the system by all members
at the intra-regional level
 ΛLB
is overall beacon rate in the system by all leaders
at the inter-regional level
 Obtained
my multiplying beaconing intervals (TRB, TLB)
by the number of members and leaders, respectively
Region-based key agreement protocol:
An example
GDH.3
- fixed size messages
- constant number of exponentiation operations by each participant
- ideally suited for mobile devices with low computational capabilities
Parameterizing intra-regional communication cost based on GDH.3
Consider a region:
Each participant shares a common base α and keeps its secret share Ni.
Parameterizing intra-regional communication cost based on GDH.3
Stage 1: Upflow: Collect contributions from M1 to Mm-1
intra
members
Contribution to C rekey : 1 * v ( N region
–2)
Parameterizing intra-regional communication cost based on GDH.3
Stage 2: Broadcast from Mm-1
intra
Contribution to C rekey : H region * v
Parameterizing intra-regional communication cost based on GDH.3
Stage 3: Unicasts from Mi
intra
members
Contribution to C rekey : Hregion * v ( Nregion
–1)
Parameterizing intra-regional communication cost based on GDH.3
Stage 4: Broadcast from Mm
intra
members
Contribution to C rekey : Hregion * v ( Nregion
–1)
GDH: New member join scenario
M m+1 joins the group.
Stage 1: Unicast from Mm+1
Stage 2: Broadcast from Mm
In the event of a member leaving, only the above stage is executed.
If Mm leaves, Mm-1 distributes the subkeys.
Parameterizing inter-regional communication cost based on GDH.3
Stages are the same as in the regional case.
Assuming i groups, for any of the i groups, we have:
Stage 1:unicast
Contribution to C
inter
rekey,i
stage1(GDH)
: Hleader
Stage 2: broadcast
inter
Contribution to C rekey,i : Hleader,i
* v ( Nregion,i
–2)
* v
Stage 3: unicast
stage3(GDH)
inter
Contribution to C rekey,i : Hleader,i
* v
Stage 4: broadcast
inter
Contribution to C rekey,i : Hleader,i * v ( Nregion,i
–1)
Where..
Hleader,i
stage1(GDH)
Hleader
=
r/ (R√i )
=
2s / R
stage3(GDH)
Hleader,i
=
Parameterizing the per-group merging/partitioning rates at state i.
A simulation of the model is run.
Number of merging and partitioning events during time T are collected.
Si - Sojourn time that the system is in state i.
Nnm,i – number of merging events when there are i groups
Nnp,i – number of merging events when there are i groups
Merging rate:
μnm,i = Nnm,i / Si
Partitioning rate:
λnm,i = Nnp,i / Si
Simulation results – Group merging rate
Simulation results – Group partitioning rate
NUMERICAL ANALYSIS
Overall cost (Cˆtotal) vs. number of regions (Nregion) as a function of mobility rate (σ)
Overall cost (Ctotal) in no region vs. in 37 regions as a function of mobility rate (σ)
Breakdown of Cˆmobility,Cˆjoin/leave,Cˆbeacon, and Cˆmp vs. number of regions (Nregion).
Cˆmobility,Cˆjoin/leave,Cˆbeacon, and Cˆmp under no region vs. under optimal region size.
Overall cost (Cˆtotal) vs. number of regions (Nregion) as a function of node density ( λp).
Overall cost (Cˆtotal) under no region vs. under optimal region size as a function of node density ( λp)
Overall cost (Cˆtotal) vs. number of regions Nregion as a function of λ :μ
λ:μ – Group join/ Group leave
Overall cost (Cˆtotal) under no region vs. under optimal region size as a function of λ :μ
λ :μ – Group join/ Group leave
SIMULATION USING SMPL
SIMULATION USING SMPL
Node lifecycle events: GROUP JOIN, GROUP LEAVE, BEACON, MOBILITY
GROUP MERGE, GROUP PARTITION
Mobility is modeled by Random Waypoint Mobility (RWM)
S(σ) = 2r / expntl(1/σ)
r – MANET area radius,
expntl(1/σ) -random distribution with mean σ.
GROUP JOIN and GROUP LEAVE are assumed to be markovian with rates
λ and μ respectively. BEACONs are periodic
Batch Mean Analysis is used with 10 batches; each batch having 200,000
observations.
Results are obtained with 95% confidence and 10% accuracy level from
the true mean. Also, the first 200 values of the first batch are discarded.
SIMULATION RESULT:
Overall cost (Cˆtotal) vs. number of regions (Nregion) as a function of node density ( λp).
SIMULATION vs ANALYSIS
Curves bear a very close resemblance
The slight difference is due to using RWM for mobility rates in simulation.
Also, the analysis uses mathematical equations while the simulation keeps
track of each node's location to calculate the hops.
SUMMARY
A scalable and efficient region-based secure group key management protocol
to support secure group communications in MANETs.
Reduces network communication costs, but also provides robust security properties.
The optimal region size minimises overall network traffic and is a trade-off between
intra and inter regional overheads
Its also dependent on system parameters like node density, mobility rate and the
group join and leave rates.
FUTURE WORK
Consider energy consumption issues
Consider insider attacks and intrusion detection
Questions or Comments?