GROUP KEY SCHEMES FOR SECURITY IN MOBILE AD HOC NETWORKS

Li, Depeng

06 April 2010

In dynamic peer group communications, security has been in high demand by many applications in recent years. One of the more popular mechanisms to satisfy these security requirements is the group key scheme in which the group key is to be shared by each group communication participant. However, how to establish and manage the group key efficiently in order to protect such communications imposes new challenges - especially when such schemes are to be deployed on resource-limited networks such as Mobile Ad hoc Networks (MANETs). The basic needs of such network settings require that the group key schemes must demonstrate not only high performance but also fault-tolerance. Furthermore, to encrypt group communication messages efficiently is essential. Therefore, it is anticipated that the contributions of this thesis will address the development of lightweight and high performance key management protocols for group communications while guaranteeing the same level of security as other approaches. These contributions are listed below: First, two efficient individual rekey schemes, in which most group members process one-way hash functions and other members perform Diffie-Hellman operations, are proposed to obtain performance efficiency. Second, a periodic batch rekey scheme is proposed to handle the out-of-sync problem resulting from individual rekeying schemes in cases where there is a high rate of group member requests for joining/leaving. Third, scalable maximum matching algorithms (M2) are designed to incorporate a tree-based group key generation scheme to forward the partial keys to other group members. Fourth, a hybrid group key management architecture is proposed as well to combine the advantages of centralized and contributory group key schemes. Fifth, a Fast Encryption Algorithm for Multimedia (FEA-M) is enhanced to overcome the vulnerabilities of its original solution and its former improved variant. Performance analyses and experimental results indicate that the proposed approaches reduce computational costs and communication overhead as compared to other popular protocols.

contributory group communication

group key agreement

applied cryptography

wireless network communication

security technology

Protocols and algorithms for secure Software Defined Network on Chip (SDNoC)

Ellinidou, Soultana

16 February 2021

Under the umbrella of Internet of Things (IoT) and Internet of Everything (IoE), new applications with diverse requirements have emerged and the traditional System-on-Chips (SoCs) were unable to support them. Hence, new versatile SoC architectures were designed, like chiplets and Cloud-of-Chips (CoC). A key component of every SoC, is the on-chip interconnect technology, which is responsible for the communication between Processing Elements (PEs) of a system. Network-on-Chip (NoC) is the current widely used interconnect technology, which is a layered, scalable approach. However, the last years the high structural complexity together with the functional diversity and the challenges (QoS, high latency, security) of NoC motivated the researchers to explore alternatives of it. One NoC alternative that recently gained attention is the Software Defined Network-on-Chip (SDNoC). SDNoC originated from Software Defined Network (SDN) technology, which supports the dynamic nature of future networks and applications, while lowering operating costs through simplified hardware and software. Nevertheless, SDN technology designed for large scale networks. Thus, in order to be ported to micro-scale networks proper alterations and new hardware architectures need to be considered.In this thesis, an exploration of how to embed the SDN technology within the micro scale networks in order to provide secure and manageable communication, improve the network performance and reduce the hardware complexity is presented. Precisely, the design and implementation of an SDNoC architecture is thoroughly described followed by the creation and evaluation of a novel SDNoC communication protocol, called MicroLET, in order to provide secure and efficient communication within system components. Furthermore, the security aspect of SDNoC constitutes a big gap in the literature. Hence, it has been addressed by proposing a secure SDNoC Group Key Agreement (GKA) communication protocol, called SSPSoC, followed by the exploration of Byzantine faults within SDNoC and the investigation of a novel Hardware Trojan (HT) attack together with a proposed detection and defend method. / Doctorat en Sciences de l'ingénieur et technologie / info:eu-repo/semantics/nonPublished

Sciences de l'ingénieur

Software Defined Network-on-Chip

routing algorithms

NoC

Hardware Trojan

Byzantine Faults

Group Key Agreement

On Secure Administrators for Group Messaging Protocols

Balbas Gutierrez, David

January 2021

In the smartphone era, instant messaging is fully embedded in our daily life. Messaging protocols must preserve the confidentiality and authenticity of sent messages both in two-party conversations and in group chats, in which the list of group members may suffer modifications over time. Hence, a precise characterization of their security is required. In this thesis, we analyze the cryptographic properties that are desirable in secure messaging protocols, particularly in asynchronous group key agreement protocols. Our main contribution is a study of the administration of a messaging group, which is a common scenario in which a subset of the group members (the administrators) are the only users allowed to modify the group structure by adding and removing group members. As we discuss, enabling secure group administration mechanisms can enhance the security of messaging protocols. For this purpose, we introduce a new primitive which extends the continuous group key agreement (CGKA) primitive to capture secure administration, which we denote by administrated CGKA (A-CGKA). The definition is followed by a correctness notion and an informal security description. We present two constructions of our A-CGKA that can be built on top of any CGKA: individual admin signatures (IAS), and dynamic group signature (DGS), both constructed using signature schemes. Furthermore, we provide a detailed overview of secure group messaging in which we discuss group evolution, efficiency, concurrency, and different adversarial models. We introduce a novel CGKA correctness definition (in the so-called propose-and-commit paradigm), followed by a security game that incorporates the correctness properties. We also survey some variants of the TreeKEM protocol and compare their security. / I de smarta telefonernas tid är direktmeddelanden en självklar del av vår vardag. Meddelandeprotokoll måste upprätthålla konfidentialitet och autenticitet för skickade meddelanden både i tvåpartskonversationer samt i gruppchatter vars medlemslistor kan förändras över tid. Därför krävs en precis karaktärisering av deras säkerhet. I detta arbete analyserar vi de kryptografiska egenskaper som är önskvärda i meddelandeprotokoll med fokus på asynkrona gruppnyckelavtalsprotokoll (group key agreement protocols). Arbetets huvudsakliga bidrag till området är en studie av administrationen av en meddelandegrupp. Detta är ett vanligt förekommande scenario där endast en delmängd av gruppmedlemmarna (administratörerna) tillåts modifiera gruppens struktur genom att lägga till och ta bort medlemmar. Som diskuteras i arbetet kan användandet av säkra gruppadministrationsmekanismer (group administration mechanisms) förbättra säkerheten för meddelandeprotokoll. I detta syfte introducerar vi en ny kryptografisk primitiv vilken uttökar den s.k. “continuous group key agreement”-primitiven (CGKA) till att även innefatta säker administration. Denna primitiv kallar vi administrated CGKA (A-CGKA), vars definition följs av en korrekthetsdefinition och en informell säkerhetsbeskrivning. Vi presenterar två konstruktioner av A-CGKA som kan byggas ovanpå vilken CGKA som helst: individual admin signatures (IAS) och dynamic group signature (DGS), som båda konstrueras via signaturscheman. Utöver detta ger vi även en detaljerad överblick över säkra gruppmeddelanden i vilken vi diskuterar gruppevolution, effektivitet, samtidighet och olika fientliga modeller. Vi introducerar en ny definition av korrekthet för CGKA (vilket följer paradigmen propose-and-commit) följt av ett s.k. “security game” som inkorporerar korrekthetsegenskaperna. Vi undersöker även varianter av TreeKEM-protokollet och jämför deras säkerhet.

Computer Sciences

Datavetenskap (datalogi)