Secure Services for Group CLIQUES: Comm unication Gene Tsudik - - PowerPoint PPT Presentation

secure services for group cliques comm unication gene
SMART_READER_LITE
LIVE PREVIEW

Secure Services for Group CLIQUES: Comm unication Gene Tsudik - - PowerPoint PPT Presentation

Sep 05, 2023 255 likes •382 views

Secure Services for Group CLIQUES: Comm unication Gene Tsudik gts@isi.edu D ARP A High Condence Net w o rking W o rkshop, 06/12/98, Ro ckp o rt, MA. USC Info rmation Sciences Institute D ARP A High Condence

slide-1
SLIDE 1 CLIQUES: Secure Services for Group Comm unication Gene Tsudik gts@isi.edu D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98, Ro ckp
  • rt,
MA. USC Info rmation Sciences Institute
slide-2
SLIDE 2 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 1 The Setting Dynamic P eer Groups (DPGs):
  • Relatively
small (100s
  • f
memb ers)
  • No
Hiera rchy
  • F
requent Memb ership Changes
  • Elected
  • r
App
  • inted
(but not p ermanent) Group Controller Notable Examples:
  • Replicated
Servers
  • Group-w
  • rk
  • Video/audio
Conferencin g
  • Ad
Ho c Net w
  • rks
USC Info rmation Sciences Institute Gene Tsudik
slide-3
SLIDE 3 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 2 DPG Memb ership Op erations

Member Addition Member Exclusion Group Fusion Group Fission Mass Join Mass Leave Group Genesis (IKA)

USC Info rmation Sciences Institute Gene Tsudik
slide-4
SLIDE 4 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 3 The Problem Ho w to maintain securit y with constantly changing memb ership ? Securit y Services in DPG setting:
  • Authentic,
p rivate communication within group
  • Authentic,
p rivate communication with
  • utsiders
  • Authentication
avo rs: any memb er
  • r
sp ecic memb er
  • Group
signatures
  • Non-repudiation
  • f
Memb ership Observations:
  • Centralized
(TTP) app roaches do not w
  • rk
w ell
  • Simple
extensions
  • f
2-pa rt y metho ds a re inecient
  • Key
Agreement { most basic service
  • NOTE:
Key Distribution 6= Key Agreement USC Info rmation Sciences Institute Gene Tsudik
slide-5
SLIDE 5 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 4 V a riables Key Agreement:
  • IKA:
Initial Key Agreement (group genesis, re-k ey)
  • AKA:
Auxilia ry Key Agreement (memb ership changes)
  • Centralized:
Key Distribution/T ransp
  • rt
  • Contributo
ry: Equal Sha re b y Every
  • ne
Design P a rameters:
  • Die-Hellman
mo del
  • Contributo
ry KA
  • Group
Controller (xed
  • r
  • ating)
  • No
a p rio ri
  • rdering
  • No
p
  • licy
assumptions!
  • No
reliance
  • n
lo cal environment USC Info rmation Sciences Institute Gene Tsudik
slide-6
SLIDE 6 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 5 Progress... Publication s:
  • \Die-Hellman
Key Distribution Extended to Groups", 1996 A CM CCCS.
  • \CLIQUES:
A New App roach to Group Key Agreement", 1998 IEEE ICDCS.
  • \Authenticated
Group Key Agreement and F riends", 1998 A CM CCCS.
  • \Key
Agreement in Dynamic P eer Groups", in submission.
  • \An
Ecient Group Signature Metho d", in submission.
  • \Group
Ba rter: Multi-P a rt y F air Exchange..." 1998 Financial Cryptography . Real W
  • rk:
  • CLIQUES
T
  • lkit:
JA V A, C/C++ (under dev.)
  • Collab
  • ration
with JHU (SPREADS, COMMEDIA)
  • Collab
  • ration
with IBM Resea rch (RS6K, etc.)
  • ISI's
GLOBUS Metacomputing p roject Eagerly lo
  • king
fo r
  • ther
collab
  • ration
  • pp
  • rtunities!!!
USC Info rmation Sciences Institute Gene Tsudik
slide-7
SLIDE 7 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 6 Memb ership Changes Proto cols:
  • Memb
er Addition
  • Memb
er Deletion
  • Mass
Join *
  • Mass
Leave *
  • Group
F usion Prop erties:
  • Key
Indep endence
  • Securit
y equivalent to IKA (p
  • ly
. ind.)
  • Fixed/Floating
Controller
  • Any
  • ne
can b e group controller (subject to p
  • licy)
  • Group
controller can b e easily excluded USC Info rmation Sciences Institute Gene Tsudik
slide-8
SLIDE 8 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 7 Authenticated Key Agreement Proto cols:
  • A-DH:
2-pa rt y , 2-round, PFS, KKA-resistant
  • A-GDH.2:
n-pa rt y , n-round, A-DH/GDH.2 blend M n
  • !
M i auth.
  • SA-GDH.2:
n-pa rt y , n-round M i $ M j auth. Prop erties:
  • Inherited:
Key Indep endence, P assive A ttack Resistance
  • PFS
  • KKA
Resistance
  • Key
Conrmation
  • Key
Integrit y (???)
  • Group
Integrit y
  • (P
a rtial) Entit y Authentication USC Info rmation Sciences Institute Gene Tsudik
slide-9
SLIDE 9 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 8 Authenticated Key Agreement

r1 r2r3r4 GROUP CONTROLLERS

α α

1 2 3 4 K14 r1

α

r2

α

r1r2

α

r1r2

α

r1r3

α

r2r3

α

r1r2r3

α

r1r3r4

α

K24 r1r2r4

α

K34 r1

α

1 2 3 4 K12 r1

α

K13 r1

α

K14 r1

α

K12 r2

α

K21 r1r2

α

K13K23 r1r2

α

K14K24 r1r2

α

K13K23 r1r3

α

K12K32 r2r3

α

K21K31 r1r2r3

α

K14K24K34 r2r3r4

α

K21K31K41 r1r3r4

α

K12K32K42 r1r2r4

α

K13K23K43

USC Info rmation Sciences Institute Gene Tsudik
slide-10
SLIDE 10 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 9 Group Signatures

Register Member Member sign verify Anyone Signed message Group Manager Group Manager enroll "plaintiff" Signed message

  • pen

− GM cannot cheat − Members cannot cheat − Outsiders cannot cheat − No coalitions − Easy Registration − Efficient Sign, Verify, Open * Exclusion not worked out yet...

USC Info rmation Sciences Institute Gene Tsudik
slide-11
SLIDE 11 D ARP A High Condence Net w
  • rking
W
  • rkshop,
06/12/98. 10 On-going and F uture W
  • rk
  • Memb
er (entit y) authentic ati
  • n
  • Encryption
fo r/within group
  • Authenticati
  • n
  • f
sp ecic and anonymous group memb ers
  • CLIQUES
T
  • lkit
available 1998
  • API
denition, p erfo rmance measurements, integration exp erience
  • Group
Signatures CLIQUES HOME P A GE: www.isi.edu//div7//cl iq ues USC Info rmation Sciences Institute Gene Tsudik