CLIQUES: Security for Dynamic Peer Groups CLIQUES: Gene Tsudik - - PowerPoint PPT Presentation

▶

Apr 16, 2023 323 likes •444 views

CLIQUES: Security for Dynamic Peer Groups CLIQUES: Gene Tsudik Yongdae Kim Formation Member add Member leave Group fusion Giuseppe Ateniese Damian Group fission Hasse 4/ 11/ 99 1 Background Targeted environment

SLIDE 1

4/ 11/ 99 1

CLIQUES: CLIQUES: Security for Dynamic Peer Groups

Formation Member add Member leave Group fusion Group fission Gene Tsudik Damian Hasse Giuseppe Ateniese Yongdae Kim

SLIDE 2

4/ 11/ 99 2

Problem:

Relatively small groups
Dynamic membership
No hierarchy
Many-to-Many
Collaborative applications

Targeted environment how to obtain security in peer groups with dynamic dynamic membership and decentralized decentralized control?

Background

SLIDE 3

4/ 11/ 99 3

Decentralized authenticated group key agreement

with provable security based on group Diffie-Helman: each member contributes equally to group key

Membership changes: single member, many members

and sub-groups

Membership authentication: based on knowledge of

key-share

Authenticated join/ leave: requires long-term DH

credentials

Certification infrastructure
Reliable group communication subsystem
Membership Authorization / Access control

Other pieces of the puzzle

Security Services Provided

SLIDE 4

4/ 11/ 99 4

Initial Key Agreement [ stw96]
Auxiliary Key Agreement (membership changes) [ stw98]
Authenticated Key Agreement [ ast98]
JAVA implementation (rel. 0.0)
C implementation (rel. 0.1) coupled with JHU’s SPREAD
CLQ_API: coding completed (rel. 1.0) mid-Feb
Testing and integrating with SPREAD [ tbd99]
Current performance results (0.024sec/ exp!!! Yuck...)
Integration with TOTEM on-going (LBL)
Integration with AKENTI: near future

STATUS

SLIDE 5

4/ 11/ 99 5

Proposed Architecture

SLIDE 6

4/ 11/ 99 6

CLQ_API prerequisites

Underlying group communication subsystem must provide reliable synchronized event notification for:

group joins
group leaves
partitions
node failures or disconnects
merges (partition heals)

merges (partition heals)

SLIDE 7

4/ 11/ 99 7

CLQ_API

called by a new group member who received a NEW_MEMBER message from the current controller. clq_ join clq_ join (ctx, member_name, group_name, input, output); called by the current controller to hand over group context to a new member (who becomes next controller). clq_ pass_ ctx clq_ pass_ ctx (ctx, member_name, output); called by every member upon reception of a KEY_UPDATE_MESSAGE from the current group controller clq_ update_ ctx clq_ update_ ctx (ctx, input);

SLIDE 8

4/ 11/ 99 8

CLQ_API (contd)

called by every group member after member leaves or partition occurs; removes all valid members in member_list from the group_member_list. Only controller gets output token clq_ leave clq_ leave (ctx, member_list[ ] , output); called only by controller when group_secret needs to be updated. clq_ refresh_ key clq_ refresh_ key (ctx, output);

SLIDE 9

4/ 11/ 99 9

Almost done...

Lessons learned, challenges and directions:

Paper protocols < > real protocols
Incremental formation of groups
Security, group comm not a simple composition
Difficulty of handling many merging sub-groups
Group size limits (100?)
other DH-like keys
elliptic curve duals
Two-tiered groups (few senders, many receivers)
Group membership policy (Auth + AC)
Group certification: group key, membership, etc.
Dynamic membership?
Individual vs opaque certificates?

SLIDE 10

4/ 11/ 99 10

Last chart...

Tech Transfer:

IBM
JHU
LBNL (DoE)
IRTF-> IETF?

CLIQUES web page: http: / / www.isi.edu/ div7/ cliques

API documentation
Publications
Presentations

API code by request from gts@isi.edu Collaborators:

IBM Research, Johns Hopkins, LBNL, Nortel

SLIDE 11

4/ 11/ 99 11