slide 1 comparison of inter-area rekeying algorithms for secure mobile group communication c....

slide 1

Comparison of Inter-Area Rekeying Comparison of Inter-Area Rekeying Algorithms for Secure Mobile Group Algorithms for Secure Mobile Group

CommunicationCommunication

C. Zhang*, B. DeCleene+, J. Kurose*, D. Towsley*

* Dept. Computer Science University of Massachusetts/Amherst Amherst MA USA

+ ALPHATECH Burlington MA USA

Performance 2002 in Rome

slide 2

Overview

introduction: hierarchical key management in a mobile environment

four key management algorithmsperformance modelsresultssummary

slide 3

Scenario: many mobile nodes requiring encrypted communication symmetric data key used for encryption rekey when member joins domain (backward confidentiality) rekey when member leaves domain (forward confidentiality)

Scalable, Secure Group Management

Q: How to perform scalable rekeying given mobility?

DKD

… …

AKD 1 AKD 3 AKD 7 AKD 8

slide 4

AKD 1 AKD 3 AKD 7 AKD 8

Efficient, scalable, secure group management

Hierarchical key distribution: domain divided into areas area key distributor (AKD) distributes data key within area per-area key to encrypt rekeying within area exploit multicast communication within area

DKD

… …

transferleavejoin

Q: key management given mobility in/out/among areas

slide 5

Overview

introduction: hierarchical key distribution in a mobile environment

four key management algorithmsperformance modelsresultssummary and future work

slide 6

SR: Static Rekeying

inter-AS communication during rekeying: inter-AS multicast

AKD AKD

Static (SR)

node always belongs to same area

move

data key

AS 1 AS 2

performance degradation: multiple data keys sent to an AS ( …)

slide 7

BR: Baseline Rekeying

Baseline Rekeying (BR) AS = area move between ASs = transition between areas

AKD AKD

join

transfer

leave

data key

AS 2AS 1

inter-area-transfer implemented as domain leave/join domain leave: area key rekey, data key rekey domain join : area key rekey, data key rekey

slide 8

IR: Immediate Rekeying

Immediate Rekeying (IR) no data key rekeying during transition area keys ( ) are rekeyed

credentials passed between AKDs to implement transfer of security relationship

AKD AKD data key

AS 2AS 1

join

transfer

leave

slide 9

FEDRP: First Entry Delayed Rekey (Periodic)

First Entry Delayed Rekey (FEDRP)area key rekeyed only on first entry to area and domain

leave holding the area key

AKD AKDdata key

AS 2AS 1

transfer

periodic rekey (optional): bound outside member area key holding time

no area key rekey for visit other than 1st time

no area key rekeying when transferring outmobile holds area keys while moving within domain

slide 10

Overview

introduction: hierarchical key distribution in a mobile environment

four key management algorithmsperformance modelsresultssummary and future work

slide 11

Analysis Overview

Performance metrics:communication:

key-related msg rate within AS i

key-related msg rate out of AS i

computation: area key rekey rate

security: #(area keys) held by area member

Modeling approach:

M areas Poisson arrivals () of

new members to domain exponential sojourn

time within AS inter-AS member

mobility: Markov process

slide 12

Analysis Details model each AS as M/M/∞ queue

1/i (i {1,…,M}) : average sojourn time in AS i per visit

state i (i {1,…,M}) : inside domain, in AS i state M+1: outside domain

P = [pi,j] (i,j {1,…,M+1}) : state transition probability

= [i ] (i {1,…,M}) : area key periodic rekey interval (FEDRP)

compute occupancy probabilities for AS i

achieve performance metric of interest

slide 13

Analysis Summary:

SR, BR, IRclosed form solutions

FEDRPfurther assumptions needed: (domain leave

and period rekey) area rekeying is Poissonsolved as a fixed point problem

validated by DaSSF simulator

slide 14

Overview

introduction: hierarchical key distribution in a mobile environment

four key management algorithmsperformance modelsresultssummary

slide 15

100

1000

10000

100000

1 10 100 1000

avg #ASs visited per member

msg

ra

te w

ith

in A

S i

SRBRIRFEDRP 1/δ=0FEDRP 1/δ=100FEDRP 1/δ=1000

Message Rate within an AS

FEDRP(1/δ=0): smallest msg rate, except with high mobility

M=16, =100, 1/ = 1, HOMOGEMEOUS

10m

100m

1kmFoot Urban HWY

Foot Urban HWY

Foot Urban

slide 16

Message Rate out of an AS

SR: higher inter-AS communication

0

50

100

150

200

250

1 10 100

avg #ASs visited per member

msg

ra

te o

ut

of

AS i

SR

FEDRP

slide 17

Area Key Rekey Rate

FEDRP: rekey rate bounded by 2+1/i

1

10

100

1000

10000

1 10 100 1000

avg #ASs visited per member

area

key

rek

ey r

ate

of a

rea

i

SR BR,IRFEDRP 1/δ=0 FEDRP 1/δ=100FEDRP 1/δ=1000

1200=2*100+1000

300=2*100+100

200=2*100+0

slide 18

Average #Area Keys held by a member

FEDRP: # area keys held small except with high mobility

1

1.5

2

2.5

3

3.5

4

1 10 100

avg #ASs visited per member

av

g #

are

a k

eys

hel

d b

y a

mem

ber

FEDRP 1/δ=0

FEDRP 1/δ=100

FEDRP 1/δ=1000

slide 19

10

100

1000

10000

1 10 100

avg #ASs visited per member

area

rek

ey r

ate

of a

rea

i

IR AIR BIR CFEDRP 1/δ=0 AFEDRP 1/δ=0 BFEDRP 1/δ=0 C

• same trend as homogeneous case• small difference among areas

Heterogeneous Case : 2D Random Walk

thus far: “transporter” mobility model - member can move directly from any AS to any other AS

2D random walk: only move to neighboring AS

IR

FEDRP

A B

B C

B A

C B

B C

A B

C B

B A

slide 20

Summary

performance analysis of four inter-area rekey algorithms addressing the mobility issue

analytic performance models modeling heterogeneous mobility such as “2D random walk” FEDRP has lowest communication costs, and low

computation costs FEDRP allows to hold small number of area keys SR performs better in highly mobile scenarios

cost: higher inter-AS communication

slide 21

Thanks

slide 22

Applications

large scale military

law enforcement

disaster recovery

business

slide 23

Future Work

data throughput

impact of loss and latency

authentication overhead

effect of LKH

slide 24

Thanks