article

JET: dynamic join-exit-tree amortization and scheduling for contributory key management

Authors:

K. J. R. LiuAuthors Info & Claims

IEEE/ACM Transactions on Networking (TON), Volume 14, Issue 5

Pages 1128 - 1140

https://doi.org/10.1109/TNET.2006.882851

Published: 01 October 2006 Publication History

Abstract

In secure group communications, the time cost associated with key updates in the events of member join and departure is an important aspect of quality of service, especially in large groups with highly dynamic membership. To achieve better time efficiency, we propose a join-exit-tree (JET) key management framework. First, a special key tree topology with join and exit subtrees is introduced to handle key updates for dynamic membership. Then, optimization techniques are employed to determine the capacities of join and exit subtrees for achieving the best time efficiency, and algorithms are designed to dynamically update the join and exit trees. We show that, on average, the asymptotic time cost for each member join/departure event is reduced to O(log (log n)) from the previous cost of O(log n), where n is the group size. Our experimental results based on simulated user activities as well as the real MBone data demonstrate that the proposed JET scheme can significantly improve the time efficiency, while maintaining low communication and computation cost, of tree-based contributory key management.

References

[1]

{1} M. J. Moyer, J. R. Rao, and P. Rohatgi, "A survey of security issues in multicast communications," IEEE Network, vol. 13, no. 6, pp. 12-23, Nov./Dec. 1999.

[2]

{2} S. Paul, Multicast on the Internet and its Applications. Boston, MA: Kluwer, 1998.

[3]

{3} L. Eschenauer and V. D. Gligor, "A key-management scheme for distributed sensor networks," in Proc. 9th ACM Conf. Computer and Communications Security, 2002, pp. 41-47.

[4]

{4} P. Judge and M. Ammar, "Gothic: A group access control architecture for secure multicast and anycast," in Proc. IEEE INFOCOM, 2002, pp. 1547-1556.

[5]

{5} R. Canetti, J. Garay, G. Itkis, D. Micciancio, M. Naor, and B. Pinkas, "Multicast security: A taxonomy and some efficient constructions," in Proc. IEEE INFOCOM, 1999, pp. 708-716.

[6]

{6} C. K. Wong, M. Gouda, and S. S. Lam, "Secure group communications using key graphs," IEEE/ACM Trans. Netw., vol. 8, no. 1, pp. 16-30, Feb. 2000.

[7]

{7} A. Perrig, D. Song, and J. D. Tygar, "ELK, a new protocol for efficient large-group key distribution," in Proc. IEEE Symp. Security Privacy, 2001, pp. 247-262.

[8]

{8} H. Harney and C. Muckenhirn, "Group Key Management Protocol (GKMP) Specification," RFC 2093, 1997.

[9]

{9} D. Wallner, E. Harder, and R. Agee, "Key management for multicast: Issues and architecture," Internet Draft, 1997 {Online}. Available: draft-wallner-key-arch-00.txt

[10]

{10} I. Chang, R. Engel, D. Kandlur, D. Pendarakis, and D. Saha, "Key management for secure Internet multicast using Boolean function minimization techniques," in Proc. IEEE INFOCOM, 1999, vol. 2, pp. 689-698.

[11]

{11} M. Steiner, G. Tsudik, and M. Waidner, "CLIQUES: A new approach to group key agreement," in Proc. 18th Int. Conf. Distributed Computing Systems, 1998, pp. 380-387.

[12]

{12} Y. Kim, A. Perrig, and G. Tsudik, "Simple and fault-tolerant key agreement for dynamic collaborative groups," in Proc. 7th ACM Conf. Computer and Communications Security, 2000, pp. 235-244.

[13]

{13} L. R. Dondeti and S. Mukherjee, "DISEC: A distributed framework for scalable secure many-to-many communication," in Proc. 5th IEEE Symp. Computer and Communications Security, 2000, pp. 693-698.

[14]

{14} S. E. Eldridge and C. D. Walter, "Hardware implementation of Montgomery's modular multiplication algorithm," IEEE Trans. Comput., vol. 42, pp. 693-699, Jun. 1993.

[15]

{15} H. Harney and C. Muckenhirn, "Group Key Management Protocol (GKMP) Architecture," RFC 2094, 1997.

[16]

{16} Y. Sun, W. Trappe, and K. J. R. Liu, "A scalable multicast key management scheme for heterogeneous wireless networks," IEEE/ACM Trans. Netw., vol. 12, no. 4, pp. 653-666, Aug. 2004.

[17]

{17} R. Molva and A. Pannetrat, "Scalable multicast security in dynamic groups," in Proc. 6th ACM Conf. Computer and Communications Security , 1999, pp. 101-112.

[18]

{18} S. Mittra, "Iolus: A framework for scalable secure multicasting," in Proc. ACM SIGCOMM, 1997, pp. 277-288.

[19]

{19} S. Banerjee and B. Bhattacharjee, "Scalable secure group communication over IP multicast," IEEE J. Sel. Areas Commun., vol. 20, no. 10, pp. 1511-1527, Oct. 2002.

[20]

{20} M. Waldvogel, G. Caronni, D. Sun, N. Weiler, and B. Plattner, "The VersayKey framework: Versatile group key management," IEEE J. Sel. Areas Commun., vol. 17, no. 9, pp. 1614-1631, Sep. 1999.

[21]

{21} W. Trappe, Y. Wang, and K. J. R. Liu, "Resource-aware conference key establishment for heterogeneous networks," IEEE/ACM Trans. Netw., vol. 13, no. 2, pp. 134-146, Feb. 2005.

[22]

{22} B. Sun, W. Trappe, Y. Sun, and K. J. R. Liu, "A time-efficient contributory key agreeement scheme for secure group communications," in Proc. IEEE Int. Conf. Communications, 2002, pp. 1159-1163.

[23]

{23} S. Zhu, S. Setia, and S. Jajodia, "Performance optimizations for group key management schemes," in Proc. 23rd Int. Conf. Distributed Computing Systems, 2003, pp. 163-171.

[24]

{24} Y. Mao, Y. Sun, M. Wu, and K. J. R. Liu, "Dynamic join-exit amortization and scheduling for time-efficient group key agreement," in Proc. IEEE INFOCOM, 2004, vol. 4, pp. 2617-2627.

[25]

{25} I. Ingemarsson, D. T. Tang, and C. K. Wong, "A conference key distribution system," IEEE Trans. Inf. Theory, vol. IT-28, no. 5, pp. 714-720, Sep. 1982.

[26]

{26} M. Steiner, G. Tsudik, and M. Waidner, "Diffie-Hellman key distribution extended to group communication," in Proc. 3rd ACM Conf. Computer and Communications Security, 1996, pp. 31-37.

[27]

{27} K. Becker and U. Wille, "Communication complexity of group key distribution," in Proc. 5th ACM Conf. Computer and Communications Security, 1998, pp. 1-6.

[28]

{28} M. Burmester and Y. Desmedt, "A secure and efficient conference key distribution system," in Proc. EUROCRYPT, 1994, vol. 950, LCNS, pp. 275-286.

[29]

{29} W. Diffie and M. Hellman, "New directions in cryptography," IEEE Trans. Inf. Theory, vol. IT-22, no. 6, pp. 644-654, Nov. 1976.

[30]

{30} J. L. Hennessy and D. A. Patterson, Computer Architecture: A Quantitative Approach, 2nd ed. San Mateo, CA: Morgan Kaufmann, 1996.

[31]

{31} T. H. Corman, C. E. Leiserson, and R. L. Rivest, Introduction to Algorithms, 2nd ed. Cambridge, MA: MIT Press/McGraw-Hill, 2001.

[32]

{32} MBone User Activity Data Mar. 2003 {Online}. Available: ftp://ftp.cc. gatech.edu/people/kevin/release-data

[33]

{33} K. C. Almeroth and M. H. Ammar, "Multicast group behavior in the Internet's multicast backbone (MBone)," IEEE Commun. Mag., vol. 35, no. 6, pp. 124-129, Jun. 1997.

[34]

{34} K. C. Almeroth, "A long-term analysis of growth and usage patterns in the multicast backbone (MBone)," in Proc. IEEE INFOCOM, Mar. 2000, vol. 2, pp. 824-833.

Cited By

Parthasarathi PShankar S(2021)Weighted Ternary Tree Approach for Secure Group Communication Among Mobile ApplicationsWireless Personal Communications: An International Journal10.1007/s11277-020-07049-z117:4(2809-2829)Online publication date: 1-Apr-2021
https://dl.acm.org/doi/10.1007/s11277-020-07049-z
Sayeekumar MKarthik GPuhazholi S(2019)RETRACTED ARTICLE: Hybrid intelligence system using fuzzy inference in cluster architecture for secured group communicationSoft Computing - A Fusion of Foundations, Methodologies and Applications10.1007/s00500-019-03817-723:8(2727-2734)Online publication date: 1-Apr-2019
https://dl.acm.org/doi/10.1007/s00500-019-03817-7
Vijayakumar PAzees MChang VDeborah JBalusamy B(2017)Computationally efficient privacy preserving authentication and key distribution techniques for vehicular ad hoc networksCluster Computing10.1007/s10586-017-0848-x20:3(2439-2450)Online publication date: 1-Sep-2017
https://dl.acm.org/doi/10.1007/s10586-017-0848-x
Show More Cited By

Index Terms

JET: dynamic join-exit-tree amortization and scheduling for contributory key management
1. Networks
  1. Network services
    1. Network management
2. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption

Recommendations

Huffman-based join-exit-tree scheme for contributory key management

Time efficiency in key establishment and rekeying is one of the major problems contributory key management schemes strive to address. Some schemes have been put forward to improve time efficiencies of key establishment and key update, yet they did not ...
Efficient and accurate identification of missing tags for large-scale dynamic RFID systems
Abstract
The future real-world applications is bound up with Radio frequency identification (RFID) technology as it develops dramatically fast, especially in the field of warehouse management and inventory control, etc. In such applications, identifying ...
A Dynamic Tree Topology-based Method for Secure Transmission of Ciphertext Data in the Cloud for the Internet of Things for Electric Power
AITC '24: Proceedings of the 2024 International Conference on Artificial Intelligence of Things and Computing

Due to the lack of rationality of channel resource allocation in the transmission phase, the effect of transmission has certain limitations, therefore, a study on the secure transmission of ciphertext data in the cloud of power Internet of Things (IoT) ...

Comments

Information & Contributors

Information

Published In

cover image IEEE/ACM Transactions on Networking

IEEE/ACM Transactions on Networking Volume 14, Issue 5

October 2006

226 pages

ISSN:1063-6692

Issue’s Table of Contents

Publisher

IEEE Press

Publication History

Published: 01 October 2006

Published in TON Volume 14, Issue 5

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

15
Total Citations
View Citations
303
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Parthasarathi PShankar S(2021)Weighted Ternary Tree Approach for Secure Group Communication Among Mobile ApplicationsWireless Personal Communications: An International Journal10.1007/s11277-020-07049-z117:4(2809-2829)Online publication date: 1-Apr-2021
https://dl.acm.org/doi/10.1007/s11277-020-07049-z
Sayeekumar MKarthik GPuhazholi S(2019)RETRACTED ARTICLE: Hybrid intelligence system using fuzzy inference in cluster architecture for secured group communicationSoft Computing - A Fusion of Foundations, Methodologies and Applications10.1007/s00500-019-03817-723:8(2727-2734)Online publication date: 1-Apr-2019
https://dl.acm.org/doi/10.1007/s00500-019-03817-7
Vijayakumar PAzees MChang VDeborah JBalusamy B(2017)Computationally efficient privacy preserving authentication and key distribution techniques for vehicular ad hoc networksCluster Computing10.1007/s10586-017-0848-x20:3(2439-2450)Online publication date: 1-Sep-2017
https://dl.acm.org/doi/10.1007/s10586-017-0848-x
Wu QQin BZhang LDomingo-Ferrer JFarras OManjon J(2016)Contributory Broadcast Encryption with Efficient Encryption and Short CiphertextsIEEE Transactions on Computers10.1109/TC.2015.241966265:2(466-479)Online publication date: 1-Feb-2016
https://dl.acm.org/doi/10.1109/TC.2015.2419662
Qin BWang LWang YWu QShi WLiang B(2016)Versatile lightweight key distribution for big data privacy in vehicular ad hoc networksConcurrency and Computation: Practice & Experience10.1002/cpe.357728:10(2920-2939)Online publication date: 1-Jul-2016
https://dl.acm.org/doi/10.1002/cpe.3577
He SWu QQin BLiu JLi Y(2016)Efficient group key management for secure big data in predictable large-scale networksConcurrency and Computation: Practice & Experience10.1002/cpe.357428:4(1174-1192)Online publication date: 25-Mar-2016
https://dl.acm.org/doi/10.1002/cpe.3574
Wu QQin BZhang LDomingo-Ferrer JManjón J(2013)Fast transmission to remote cooperative groupsIEEE/ACM Transactions on Networking10.1109/TNET.2012.220820121:2(621-633)Online publication date: 1-Apr-2013
https://dl.acm.org/doi/10.1109/TNET.2012.2208201
Wu QQin BZhang LDomingo-Ferrer JFarràs O(2011)Bridging broadcast encryption and group key agreementProceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security10.1007/978-3-642-25385-0_8(143-160)Online publication date: 4-Dec-2011
https://dl.acm.org/doi/10.1007/978-3-642-25385-0_8
Ji YSeo S(2010)Optimizing the batch mode of group rekeyingProceedings of the 29th conference on Information communications10.5555/1833515.1833767(1846-1854)Online publication date: 14-Mar-2010
https://dl.acm.org/doi/10.5555/1833515.1833767
Ji YSeo S(2009)DAKSProceedings of the 28th IEEE conference on Global telecommunications10.5555/1811681.1811756(2266-2271)Online publication date: 30-Nov-2009
https://dl.acm.org/doi/10.5555/1811681.1811756
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Issue’s Table of Contents