secure group communication related issues
play

Secure Group Communication Related Issues Presenter: Haiyan Cheng - PowerPoint PPT Presentation

Jul 27, 2023 •238 likes •444 views

Secure Group Communication Related Issues Presenter: Haiyan Cheng CS 6204, Spring 2005 1 Outlines Addresses relevant security issues for IP multicast network Investigates steps to create secure multicast sessions Group membership

  1. Secure Group Communication Related Issues Presenter: Haiyan Cheng CS 6204, Spring 2005 1

  2. Outlines ♦ Addresses relevant security issues for IP multicast network ♦ Investigates steps to create secure multicast sessions – Group membership – Key distribution ♦ Establishes a criteria to evaluate multicast keying architectures. CS 6204, Spring 2005 2

  3. Characteristics of Multicast ♦ Efficient data distribution ♦ Dynamic group membership ♦ Vulnerable to attack CS 6204, Spring 2005 3

  4. Security Services for Multicast ♦ Defining multicast by Access Control during registration ♦ Key management CS 6204, Spring 2005 4

  5. Threats to Multicast Communications ♦ Eavesdropping ♦ Unauthorized creation of data ♦ Unauthorized alteration of data ♦ Unauthorized destruction of data ♦ Denial of service ♦ Illegal use of data CS 6204, Spring 2005 5

  6. Fundamental Security Services ♦ Authentication—Assure host identity (only authorized hosts are permitted to join the secure group) ♦ Integrity—Assure traffic not altered ♦ Confidentiality—Assure information confidentiality – Encryption – Limiting the routing of session IP datagrams CS 6204, Spring 2005 6

  7. Implementation Details ♦ Initiator defines session requirements ♦ Initiator announces requirements to potential participants – Advertisement with SAP (Session Announcement Protocol) – Invitation with SIP (Session Initiation Protocol) CS 6204, Spring 2005 7

  8. Implementation Details ♦ Type of cryptographic algorithm ♦ Length of a crypto-period ♦ Key length ♦ Type of authentication mechanism used ♦ Other security related information describing the implementation details of a particular secure session CS 6204, Spring 2005 8

  9. Key Management Issues ♦ Key management ♦ Key distribution ♦ Access control for key material CS 6204, Spring 2005 9

  10. Secure Multicast Process Identify need for a secure session 1. Initiator defines the parameters 2. Initiator determines whether assistant is required 3. to perform the participant registration or key distribution functions. Announce session description to potential 4. participants Potential participant register for the secure 5. session Necessary maintenance operation can be 6. performed during the course of a secure session. CS 6204, Spring 2005 10

  11. Secure Multicast Criteria CS 6204, Spring 2005 11

  12. Key Distribution Architectures ♦ Manual Key Distribution ♦ Pairwise Keying ♦ Hierarchical trees ♦ Secure Lock ♦ Distributed Registration and Key Distribution (DiRK) CS 6204, Spring 2005 12

  13. Key Distribution Architectures ♦ Manual Key Distribution – Key generation and distribution functions are reside at a central KDC (Key Distribution Center). – Key material must be determined by the initiator in advance. – No computational load on individual participants. – Not scalable. – Slow response to dynamic user entries and exits from the secure multicast group. – New key material must be manually distributed to valid participants in case there’s a group key compromise. CS 6204, Spring 2005 13

  14. Key Distribution Architectures ♦ Pairwise Keying – CBT (Core Base Tree) architecture (proposed by Ballardie) • Initiator creates an Access Control List (ACL) and SA (Security Association) • ACL and SA are passed to the core • Core creates Group Traffic Encryption Key (GTEK) and Group Key-encryption-keys (GKEK) • Core distributes ACL, GTEK, GKEK to secondary routers. • Internet Security Association and Key Management Protocol (ISAKMP) is used to distribute keys between group members and the trusted routers. (guarantees the uniqueness of the session key between two entities.) CS 6204, Spring 2005 14

  15. Key Distribution Architectures ♦ Hierarchical Trees – A hierarchical tree of key-encryption-keys is created. – Participants store all keys within the tree between themselves and the root – Efficient removal of participant – Scalable CS 6204, Spring 2005 15

  16. Key Distribution Architectures ♦ Secure Lock – Use Chinese Remainder Theorem (CRT) to generate lock. – The lock is transmitted with each encrypted message. – Only users in the secure group can “unlock” the session key. – Flexible towards the dynamic addition and deletion of a group participant. – Not scalable for large group CS 6204, Spring 2005 16

  17. Key Distribution Architectures ♦ Distributed Registration and Key Distribution (DiRK) – A key distribution protocol designed for application over MBONE. – Active participant can help with registration and key distribution. – Hosts send registration request to request join session – Any active participant can respond. – Efficient due to the distributive nature – Highly scalable CS 6204, Spring 2005 17

  18. Key Distribution Architectures Comparison ♦ Manual Key Distribution— slow ♦ Pairwise Keying—linear efficiency for initial key and rekey ♦ Hierarchical trees—linear efficiency for initial key and logarithm rekey ♦ Secure Lock—linear efficiency for initial key and constant rekey ♦ Distributed Registration and Key Distribution (DiRK)—distributive linear efficiency for initial key and rekey (trust is a problem) CS 6204, Spring 2005 18

  19. Future Works ♦ Security application should be transparent to users. ♦ Should work efficiently with other required protocols. ♦ Focus on achieving a truly integrated security solution that functions together with non-security functions and exisiting multicast protocols. CS 6204, Spring 2005 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key

Secure Communication Secure Communication Lecture 14 Wrap-Up We saw... Symmetric-Key Components SKE, MAC Public-Key Components PKE, Digital Signatures Building blocks: Block-ciphers (AES), Hash-functions (SHA-3), Trapdoor PRG/OWP for PKE

1.07k views • 72 slides
A survey of Key Management for Secure Group Communication Sandro Rafaeli and David Hutchison

A survey of Key Management for Secure Group Communication Sandro Rafaeli and David Hutchison

A survey of Key Management for Secure Group Communication Sandro Rafaeli and David Hutchison Presented By: Anil Bazaz CS6204, Spring 2005 Intro: Group Communication Uses IP multicast to transmit data Does not limit access to data No

543 views • 19 slides
Series, April 12, 2016 Communication Access in the United States: Issues related to Education,

Series, April 12, 2016 Communication Access in the United States: Issues related to Education,

Welcome to USSAACs Webinar Series, April 12, 2016 Communication Access in the United States: Issues related to Education, Healthcare, and Justice Systems Presenters: India Ochs, Esq. & Barbara Collier, SLP Facilitator: Sarah Blackstone

543 views • 33 slides
Lab 2 Group Communication Desired group communication Multicast communication Andreas

Lab 2 Group Communication Desired group communication Multicast communication Andreas

Overview Introduction to group communication Lab 2 Group Communication Desired group communication Multicast communication Andreas Larsson Group membership service 2009-02-04 DSII: Group Comm. 2 A Distributed System in

415 views • 6 slides
Extremely Secure Communication Daniel Romo - daniel.romao@os3.nl Oil Company Oil Company What

Extremely Secure Communication Daniel Romo - daniel.romao@os3.nl Oil Company Oil Company What

Extremely Secure Communication Daniel Romo - daniel.romao@os3.nl Oil Company Oil Company What (almost) everyone knows: NSA collects traffic Confidential data can be compromised Backdoors in encryption-related software and hardware make it

583 views • 30 slides
Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message

Simple and Communication Complexity Efficient Almost Secure and Perfectly Secure Message Transmission Schemes Yvo Desmedt 1 , 2 Stelios Erotokritou 1 Reihaneh Safavi-Naini 3 1 Department of Computer Science University College London, UK 2

459 views • 33 slides
Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in

Secure Cryptographic Protocol Execution based on Runtime Verification Secure Communication in the Quantum Era (SPS G5448) February 5th, 2020 Christian Colombo Mark Vella Cryptographic Protocols Design Proofs to validate design against

467 views • 20 slides
communication and collaboration models CSCW Issues and Theory All com puter system s have group

communication and collaboration models CSCW Issues and Theory All com puter system s have group

chapter 14 communication and collaboration models CSCW Issues and Theory All com puter system s have group im pact not just groupware Ignoring this leads to the failure of system s Look at several levels minutiae to large scale

329 views • 13 slides
WORKING GROUP AWARENESS-RAISING ON DRUG-RELATED ISSUES IN EDUCATIONAL SETTINGS Meeting of the

WORKING GROUP AWARENESS-RAISING ON DRUG-RELATED ISSUES IN EDUCATIONAL SETTINGS Meeting of the

WORKING GROUP AWARENESS-RAISING ON DRUG-RELATED ISSUES IN EDUCATIONAL SETTINGS Meeting of the Heads of National Drug Law Enforcement Agencies - Africa (HONLAF) Dar Es Salaam, 19 September 2018 Sylv ylvie ie Ber Bertr trand He Head, , He

520 views • 38 slides
Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management

Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management

KTH ROYAL INSTITUTE OF TECHNOLOGY Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure Mohammad Khodaei Networked Systems Security Group (NSS) November 1, 2016 July 2, 2018

1.03k views • 38 slides
Variant-Related Issues Variant TLD Issues Project Goal

Variant-Related Issues Variant TLD Issues Project Goal

Variant-Related Issues Variant TLD Issues Project Goal Iden0fy and agree on issues related to variants that should be included in the report 2

218 views • 10 slides
CURRENT ISSUES IN FLORIDA LAND USE LAW ISSUES IN FLORIDA LAND USE LAW Florida Land Use Law

CURRENT ISSUES IN FLORIDA LAND USE LAW ISSUES IN FLORIDA LAND USE LAW Florida Land Use Law

CURRENT ISSUES IN FLORIDA LAND USE LAW ISSUES IN FLORIDA LAND USE LAW Florida Land Use Law Overview Issues related to Developments of Regional Impact (DRIs) Issues related to Comprehensive Land Use Planning Issues related to

495 views • 31 slides
Interprocess Communication Primitives Message Passing: issues Communication

Interprocess Communication Primitives Message Passing: issues Communication

CPSC-662 Distributed Computing Interprocess Communication Interprocess Communication Primitives Message Passing: issues Communication Schemes Reading: Colouris, Chapter 4 Interprocess Communication (IPC) communicate by

372 views • 6 slides
Secure Communication Hacking/Hustling Workshop @ Eyebeam About me Liz! She/Her Electrical

Secure Communication Hacking/Hustling Workshop @ Eyebeam About me Liz! She/Her Electrical

Secure Communication Hacking/Hustling Workshop @ Eyebeam About me Liz! She/Her Electrical Engineer/Embedded developer Teaching for a while Overview Signal is one example of a third-party app for secure texting. Well go over what it does

819 views • 32 slides
TLS/SSL TLS (Transport Layer Security) A suite of protocols to provide secure communication

TLS/SSL TLS (Transport Layer Security) A suite of protocols to provide secure communication

TLS/SSL TLS (Transport Layer Security) A suite of protocols to provide secure communication Confidentiality by applying block & stream ciphers - Integrity with MACs - Authenticity with certificates - Predecessor: SSL (secure

557 views • 13 slides
Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.)

Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.)

Secure Computation with Low Communication from Cross-checking Dov Gordon (George Mason U.) Samuel Ranellucci (Unbound Tech) Xiao Wang (MIT & Boston U.) Secure Computation 4 parties each hold private data. They wish to compute C(x 1

414 views • 24 slides
Formal Fault Analysis of Branch Predictors: Attacking countermeasures of Asymmetric key ciphers

Formal Fault Analysis of Branch Predictors: Attacking countermeasures of Asymmetric key ciphers

Formal Fault Analysis of Branch Predictors: Attacking countermeasures of Asymmetric key ciphers Sarani Bhattacharya and Debdeep Mukhopadhyay Indian Institute of Technology Kharagpur PROOFS 2016 August 20, 2016 PROOFS 2016 Sarani Bhattacharya

591 views • 42 slides
On Key Assignment for Hierarchical Access Control Jason Crampton Keith Martin Peter Wild

On Key Assignment for Hierarchical Access Control Jason Crampton Keith Martin Peter Wild

On Key Assignment for Hierarchical Access Control Jason Crampton Keith Martin Peter Wild Information Security Group Royal Holloway University of London 19th Computer Security Foundations Workshop Introduction On Key Assignment for

1.27k views • 26 slides
MTH314: Discrete Mathematics for Engineers Lecture 8: Public-Key Cryptography Dr Ewa Infeld

MTH314: Discrete Mathematics for Engineers Lecture 8: Public-Key Cryptography Dr Ewa Infeld

MTH314: Discrete Mathematics for Engineers Lecture 8: Public-Key Cryptography Dr Ewa Infeld Ryerson University Dr Ewa Infeld Ryerson University MTH314: Discrete Mathematics for Engineers Chinese Remainder Theorem Think of a number x such that

774 views • 56 slides
GENERAL SHAREHOLDERS MEETING BUSINESS YEAR 2013 NORTH AMERICAN FACTORY SOUTH AFRICAN FACTORY

GENERAL SHAREHOLDERS MEETING BUSINESS YEAR 2013 NORTH AMERICAN FACTORY SOUTH AFRICAN FACTORY

GENERAL SHAREHOLDERS MEETING BUSINESS YEAR 2013 NORTH AMERICAN FACTORY SOUTH AFRICAN FACTORY RAW MATERIALS DEPOT STAINLESS STEEL COLD ROLLED SHEET PRICES AISI 304 2.0 mm Euros/Mt 3,500 EUROPEAN MARKET 3,000 2,500 Extra de Aleacin

479 views • 46 slides
A Survey of Computational Assumptions on Bilinear and Multilinear Maps Allison Bishop IEX and

A Survey of Computational Assumptions on Bilinear and Multilinear Maps Allison Bishop IEX and

A Survey of Computational Assumptions on Bilinear and Multilinear Maps Allison Bishop IEX and Columbia University Group Basics There are two kinds of people in this world. Those who like additive group notation, and those who like

657 views • 31 slides
9. Public-key cryptography December 20, 2019 Slides by Marta Arias, Jos Luis Balczar, Ramon

9. Public-key cryptography December 20, 2019 Slides by Marta Arias, Jos Luis Balczar, Ramon

CAI: Cerca i Anlisi dInformaci Grau en Cincia i Enginyeria de Dades, UPC 9. Public-key cryptography December 20, 2019 Slides by Marta Arias, Jos Luis Balczar, Ramon Ferrer-i-Cancho, Ricard Gavald, Department of Computer Science,

630 views • 37 slides
ASPPH Presents Webinar: Managing Compliance Challenges Involving Global Collaborators Method for

ASPPH Presents Webinar: Managing Compliance Challenges Involving Global Collaborators Method for

ASPPH Presents Webinar: Managing Compliance Challenges Involving Global Collaborators Method for Submitting Questions/Comments Moderator Penny Gordon-Larsen, PhD Associate Dean for Research Professor, Department of Nutrition UNC Gillings

1.24k views • 58 slides
Large-Scale Data Engineering Some notes on Access Patterns, Latency, Bandwidth + Tips for

Large-Scale Data Engineering Some notes on Access Patterns, Latency, Bandwidth + Tips for

Large-Scale Data Engineering Some notes on Access Patterns, Latency, Bandwidth + Tips for practical event.cwi.nl/lsde Memory Hierarchy event.cwi.nl/lsde Hardware Progress Transistors CPU performance event.cwi.nl/lsde RAM,Disk Improvement

1.23k views • 21 slides

More recommend