• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.101-110
• /
• 2003

Secure and reliable group communication is an increasingly active research area prompted by the growing popularity of many types of group-oriented and collaborative applications. The central challenge is secure and efficient group key management. While centralized methods are often appropriate for key distribution in large multicast-style groups, many collaborative group settings require distributed key agreement techniques. Most of prior group key agreement protocols have been focused on reducing the computational costs. One exception is STR protocol that optimizes communicational cost. On the other hand, it requires O(n) number of modular exponentiations. In this paper, we propose a new group key agreement protocol that modifies STR protocol by utilizing pairing based cryptography. The resulting protocol reduces computational cost of STR protocol while preserving the communication cost.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.11b
• /
• pp.841-844
• /
• 2002

이 논문에서는 동적이고 규모가 큰 그룹에 대해서 한명의 그룹 관리자가 존재하면서, 특별히 새로운 그룹키가 갱신될 때마다 새로운 정보를 받기 힘든 구성원, 즉 스테이트리스 리시버(stateless receiver)에게 적합한 방법을 제안한다. 이 방법은 구성원에게 각각 한 개씩 주어지는 개인키를 전송하는 메시지를 제외한 다른 모든 메시지들에는 암호화 과정이 요구되지 않는다. 즉, 갱신된 그룹키를 공유하기 위해 필요한 계산은 단지 O($log_2$n) 번의 해쉬함수 계산과 배타적 논리합(XOR)을 수행하는 것이며, 그룹키를 갱신하기 위해 필요한 정보는 암호화될 필요없는 멀티캐스트 메시지와 그룹에 추가될 때 그룹 관리자로부터 받은 초기값이다. 또한 제안하는 방법은 새롭게 추가된 사람이 이전의 그룹키에 대한 어떠한 정보도 알 수 없으며(후방보호 : Backward Secrecy), 삭제되는 사람 역시 이후의 새로운 그룹키에 대한 정보를 알 수 없다(전방보호 : Forward Secrecy). 또한 제안된 방법에 게시판이 이용된다면, 각 그룹의 구성원은 어떠한 멀티캐스트 메시지없이 단지 자신의 초기 개인키만으로 필요한 모든 노드키들을 계산할 수 있다.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.12 no.1
• /
• pp.436-444
• /
• 2011

As practical use degree of multicasting increase, security for multicast is recognized as an important issue. Previous research in the area of secure multicast has mainly focused on group key management. The most important thing about the security of multicast is that only authorized members of this group will be able to access the data. The member of access to multicast communication is to use cryptography with a common shared session encryption key. We propose decentralized group key management based on agent for dynamic multicast with large groups and frequent joins or leaves in this paper. Whole group divide to several subgroup using agent technology and each agent manage members of each subgroup. Also, when rekeying updates that using one-way hash function can prevent the key exposure, and reduce the key distribution delay.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.409-418
• /
• 2004

Multicast services are provided on the Internet in fast increasing . Therefore it is important to keep security for multicast communication. Member leaving is deeply associated with scalability problem for group key management. If one member of the group is removed, new group key has to be generated and distributed to all remaining members of group. Minimizing the number of messages and operation cost for generation of the composite keys are important evaluating criteria of multicast key management scheme since generation and distribution of new keys for rekeying require expensive operation. Batch removal can reduce these important parameters rather than removing members sequentially In fashion one after another. In this paper, Hamming distance is calculated between eve교 members to be removed. The members with Hamming distance less than threshold are selected for rekeying procedure. With running the round assignment algorithm In the case of removing several members simultaneously, our model has advantages of reducing the number of message and operation cost for generation of the composite keys and eliminating possibility of collusion attack for rekeying.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.04a
• /
• pp.711-714
• /
• 2000

본 논문에서는, 기존의 멀티캐스트 그룹 키 관리 기법들을 고찰하여 멀티캐스트의 보안성의 필수 요건들을 살펴보고, 이를 기준으로, 안전한 IP 멀티캐스트 구조의 구성 요소들과 단방향 함수를 사용하는 상향식 키 트리를 결합한 안전한 인터넷 멀티캐스트 그룹키 관리 기법을 제안한다. 기존 IPSEC 인터넷 프로토콜의 표준안을 그대로 따르면서 그룹 인증 및 회원 개인 인증이 가능하며, 그룹 구성의 유동성에 대해 확장성이 보장되고, 효율적인 키 재구성 비용과 전방(forward) 및 후방(backward) 보안성이 지원되는 것이 특징이다. 그리고, 새로운 인터넷 멀티캐스트 기법의 성능을 분석하고, 다른 멀티캐스트 기법들과 성능상의 차이점을 비교해 본다.

• Journal of the Korea Computer Industry Society
• /
• v.3 no.9
• /
• pp.1235-1244
• /
• 2002

This paper proposes a group key management protocol for a secure of all the multicast user in PIM-SM multicast group communication. With prosed architect, subgroups for multicast secure group management will be divided by RP (Rendezvous-Point) unit and each RP has a subgroup manager. Each subgroup manager gives a secure key to it's own transmitter md the transmitter compress the data with it's own secure key from the subgroup manager. Before the transmitter send the data to receiver, the transmitter prepare to encrypt a user's service by sending a encryption key to the receiver though the secure channel, after choking the user's validity through the secure channel. As the transmitter sending a data after then, the architecture is designed that the receiver will decode the received data with the transmitter's group key. As a result, the transmitting time is shortened because there is no need to data translation by group key on data sending and the data transmition is possible without new key distribution at path change to SPT (Shortest Path Tree) of the router characteristic. Additionally, the whole architecture size is samller than the other multicast secure architecture by using the conventional PIM-SIM routing structure without any additional equipment.

• Journal of KIISE:Information Networking
• /
• v.34 no.4
• /
• pp.296-304
• /
• 2007

This paper deals with essentially secure group management and key transfer methods in a wireless sensor network environment. To provide an efficient security service to a widespread network with a large number of sensor nodes, the network has to be made up by several security groups, and Group Key distribution and group management are needed. In this paper we propose a mechanism for efficiently constructing and managing a security node by constructing a group using an algorithm to construct a logical group. Previous Group Key Transport method has special condition. When Base Station transports Group Key, all sensor nodes must share Secret Key with Base Station before it is intended to be deployed. Hence, we also propose a Key transport mechanism without sharing Secret Key between Base Station and sensor node.

• Journal of Korea Multimedia Society
• /
• v.12 no.4
• /
• pp.540-549
• /
• 2009

An arbitrary mobile device configures Ad-hoc network to provide the transmission of a data and services using wireless communications. A mobile device requires authentication and encryption key management to securely communicate in the Ad-hoc network. This paper examines the trend of the authentication in the Ad-hoc network and the group key management and suggests the plan for ID-based mutual authentication and group key establishment. ID-based mutual authentication in proposed scheme uses zero knowledge in the absence of shared information and is applied to establish a session key and group key. In addition, the proposed scheme is applied to Ad-hoc network to increase the efficiency and the safety of security technology.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.983-986
• /
• 2006

Self-healing 키 분배 방법은 불안정한 채널에서 규모가 크고 동적인 그룹에 적합하다. 제한된 전력과 컴퓨팅 능력을 가진 다수의 노드들을 기반으로 하는 센서네트워크 환경에서 self-healing 키 분배 방법은 효율적인 키 분배를 제공할 수 있는 접근법이다. 더불어 local collaboration은 같은 그룹에 속한 노드들이 서로 협력하여 그룹 키를 보호하고 침입자에 의해 손상된 노드를 발견할 수 있는 유용한 방법이다. 본 논문에서는 기존의 self-healing 키 분배 방법을 보완하여 센서네트워크 환경에 적용하기 위하여 임의의 변수를 적용한 지역적 협력(local collaboration)을 사용한다. 결과적으로 그룹 단위로 키를 안전하게 분배 및 관리를 할 수 있으며 센서 노드들 간의 통신비용 및 메모리에 대한 효율성 향상을 가져올 수 있음을 실험을 통하여 검증한다.

• Convergence Security Journal
• /
• v.13 no.4
• /
• pp.47-52
• /
• 2013

VANET(Vehicular Ad-hoc Network) is a kind of ad hoc networks which is consist of intelligence vehicular ad nodes, and has become a hot emerging research project in many fields. It provides traffic safety, cooperative driving and etc. but has also some security problems that can be occurred in general ad hoc networks. In VANET, it has been studies that group signature method for user privacy. However, among a group of group key generation phase and group key update phase, RSU(Road-Side Unit) and the computational overhead of the vehicle occur. In this paper, we propose an efficient group key management techniques with CBF(Counting Bloom Filter). Our group key management method is reduced to the computational overhead of RSU and vehicles at the group key generation and renewal stage. In addition, our method is a technique to update group key itself.