共查询到19条相似文献,搜索用时 951 毫秒
1.
2.
TLCH协议是一个适用于安全组播通信且可扩展性较好的组播密钥管理协议。它基于LKH的思想,采用双层的控制者的层次结构,并使用单向函数进行密钥更新,达到了较低的计算开销。使用hash函数对TLCH组播密钥管理方案中成员加入时的密钥更新算法进行改进。与原来的TLCH相比,改进后的TLCH可以进一步降低了通信开销。 相似文献
3.
4.
移动自组网的组密钥链更新算法 总被引:1,自引:0,他引:1
针对移动自组网拓扑结构变化频繁,组密钥更新频率高,计算次数多,通信量巨大的特点,提出了一种新的组密钥管理算法-分布式组密钥链更新算法(DKCGR).基于密钥链和左/右向性密钥结构设计了DKCGR算法.通过相邻节点生成共享密钥建立一条循环的密钥链和向左或者向右方向生成若干共享密钥,完成组密钥的更新.同时,借鉴LKH的树形密钥方案,将密钥链用4叉树表示.实验结果表明:DKCGR算法随着加入节点的增多其计算次数将是一个常数,有效控制计算量.与传统的LKH相比节约了n/2(n指节点数)次通信量. 相似文献
5.
6.
7.
针对已有分布式组播路由算法在寻找QoS路由时的低成功率问题,本文提出了一种新的基于带宽和时延约束的分布式组播路由算法-QDMR(QoS-based Distributed Multicast Routing).在为新组播成员搜索连接到组播树的可行路径时,QDMR算法使用RBMF(Reverse Best Metric Forwarding)转发算法代替RPF(Reverse Path Forwarding)转发算法,从而优先搜索满足带宽和时延约束要求的路径,然后才考虑代价的优化.模拟分析表明,QDMR提高了路由搜索的成功率,并且降低了协议开销. 相似文献
8.
利用动态累加器的证人能够证明特定累加项是否参与累加的特性,实现了组成员身份认证,提出了一种新的支持节点动态增加和撤销的组密钥管理方案DAAG。在需要建立组密钥时,所有成员节点提供自己持有的累加项,参与累加计算。DAAG方案在保证成员节点证人机密性的基础上, 通过绑定证人与组密钥更新计算,限制了非成员节点对新密钥的计算能力。安全性和性能分析表明,DAAG方案虽比FM方案消耗更多的通信代价,但能够抵抗伪造、重放和共谋等恶意攻击,提供前后向安全性。 相似文献
9.
10.
基于LKH混合树的组播密钥更新方案 总被引:4,自引:0,他引:4
IP组播通信越来越得到广泛的应用,其密钥动态管理是一个值得关注的问题。本文主要对组播密钥更新方案进行分析,并对基于LKH密钥树的更新方案进行了改进。 相似文献
11.
Jian Zhou Meina Song Junde Song Xian-wei Zhou Liyan Sun 《Wireless Personal Communications》2014,77(1):269-287
In deep space delay tolerant networks rekeying expend vast amounts of energy and delay time as a reliable end-to-end communication is very difficult to be available between members and key management center. In order to deal with the question, this paper puts forwards an autonomic group key management scheme for deep space DTN, in which a logical key tree based on one-encryption-key multi-decryption-key key protocol is presented. Each leaf node with a secret decryption key corresponds to a network member and each non-leaf node corresponds to a public encryption key generated by all leaf node’s decryption keys that belong to the non-leaf node’s sub tree. In the proposed scheme, each legitimate member has the same capability of modifying public encryption key with himself decryption key as key management center, so rekeying can be fulfilled successfully by a local leaving or joining member in lack of key management center support. In the security aspect, forward security and backward security are guaranteed. In the efficiency aspect, our proposed scheme’s rekeying message cost is half of LKH scheme when a new member joins, furthermore in member leaving event a leaving member makes tradeoff between computation cost and message cost except for rekeying message cost is constant and is not related to network scale. Therefore, our proposed scheme is more suitable for deep space DTN than LKH and the localization of rekeying is realized securely. 相似文献
12.
We consider several distributed collaborative key agreement and authentication protocols for dynamic peer groups. There are several important characteristics which make this problem different from traditional secure group communication. They are: 1) distributed nature in which there is no centralized key server; 2) collaborative nature in which the group key is contributory (i.e., each group member will collaboratively contribute its part to the global group key); and 3) dynamic nature in which existing members may leave the group while new members may join. Instead of performing individual rekeying operations, i.e., recomputing the group key after every join or leave request, we discuss an interval-based approach of rekeying. We consider three interval-based distributed rekeying algorithms, or interval-based algorithms for short, for updating the group key: 1) the Rebuild algorithm; 2) the Batch algorithm; and 3) the Queue-batch algorithm. Performance of these three interval-based algorithms under different settings, such as different join and leave probabilities,is analyzed. We show that the interval-based algorithms significantly outperform the individual rekeying approach and that the Queue-batch algorithm performs the best among the three interval-based algorithms. More importantly, the Queue-batch algorithm can substantially reduce the computation and communication workload in a highly dynamic environment. We further enhance the interval-based algorithms in two aspects: authentication and implementation. Authentication focuses on the security improvement, while implementation realizes the interval-based algorithms in real network settings. Our work provides a fundamental understanding about establishing a group key via a distributed and collaborative approach for a dynamic peer group. 相似文献
13.
Numerous emerging applications, such as teleconferencing, board meetings, pay-per-view and scientific discussions, rely on a secure group communication model. Scalable group rekeying is an important issue in the secure group communication model as the nature of the group is dynamic. The number of encryptions performed and rekey messages constructed should be minimized to carry out updating of the group key, and secure delivery of the group key should be carried out in an efficient manner. In this paper, we propose a new scheme to manage the secure group using the binomial key tree approach. In this scheme, the number of encryptions performed and rekey messages constructed during membership change are fewer compared to the scheme proposed by Wong and others. Further, it is not required to balance the tree after each membership change. We show that, for a large group, the average encryption cost and rekey message cost are independent of the size of the group for join operation and logarithmic in size of the group for leave operation. Hence our scheme is scalable. Copyright © 2010 John Wiley & Sons, Ltd. 相似文献
14.
Secure multicast applications require key management that provides access control. In wireless networks, where the error rate is high and the bandwidth is limited, the design of key management schemes should place emphasis on reducing the communication burden associated with key updating. A communication-efficient class of key management schemes is those that employ a tree hierarchy. However, these tree-based key management schemes do not exploit issues related to the delivery of keying information that provide opportunities to further reduce the communication burden of rekeying. In this paper, we propose a method for designing multicast key management trees that match the network topology. The proposed key management scheme localizes the transmission of keying information and significantly reduces the communication burden of rekeying. Further, in mobile wireless applications, the issue of user handoff between base stations may cause user relocation on the key management tree. We address the problem of user handoff by proposing an efficient handoff scheme for our topology-matching key management trees. The proposed scheme also addresses the heterogeneity of the network. For multicast applications containing several thousands of users, simulations indicate a 55%-80% reduction in the communication cost compared to key trees that are independent of the network topology. Analysis and simulations also show that the communication cost of the proposed topology-matching key management tree scales better than topology-independent trees as the size of multicast group grows. 相似文献
15.
Wireless mesh networks facilitate the development of the many group oriented applications by extending the coverage area of
the group communication. Group communication in a wireless mesh network is complicated due to dynamic intermediate mesh points,
access control for communications between different administrative domains, and the absence of a centralized network controller.
In this study, we propose a topology-matching decentralized multi-service group key management scheme for wireless mesh networks.
It allows service providers to update and deliver their group keys to valid members in a distributed manner using the identity-based
encryption scheme. The analysis result indicates that the proposed scheme has advantages with regard to the rekeying cost
and storage overhead for a member and a mesh point in multi-sender group communication environments. The stateless property
is also achieved such that a stateless member, who could not be constantly online, can easily decrypt the rekeying messages
without recording the past history of transmission. 相似文献
16.
Some multi communication networks don’t provide a reliable link for group key management, so as to implementing rekeying is failure frequently. To deal with the question, this paper presents a novel group key management scheme for non-reliable link networks, a ciphertext encrypted a secret shared key can be decrypted with any legitimate members whose scale is more than the threshold value, even if part of members’ links aren’t reliable. In rekeying process, each key fragment is divided into two parts with he shared production mechanism, so as to the member’s independent key fragments still keep unchanged, but imperative updated key belongs to the group manager. Therefore, in efficient aspect, the message and computation cost of rekeying is reduced, and the dependence of the reliable channel is reduced; in the security aspect, our proposed scheme can guarantee forward security and backward security, and secure against collusion attack even if the number of leaving member is more than the threshold value. Therefore, our proposed scheme is suitable to the non-reliable link networks. 相似文献
17.
18.
Advances in wireless communications and mobile computing have led to the emergence of group communications and applications
over wireless. In many of these group interactions, new members can join and current members can leave at any time, and existing
members must communicate securely to achieve application-specific missions or network-specific functionality. Since wireless
networks are resource-constrained, a key challenge is to provide secure and efficient group communication mechanisms that
satisfy application requirements while minimizing the communication cost. Instead of individual rekeying, i.e., performing
a rekey operation right after each join or leave request, periodic batch rekeying has been proposed to alleviate rekeying
overhead in resource-constrained wireless networks. In this paper, we propose an analytical model to address the issue of
how often batch rekeying should be performed. We propose threshold-based batch rekeying schemes and demonstrate that an optimal
rekey interval exists for each scheme. We further compare these schemes to identify the best scheme that can minimize the
communication cost of rekeying while satisfying application requirements when given a set of parameter values characterizing
the operational and environmental conditions of the system. In a highly dynamic wireless environment in which the system parameter
values change at runtime, our work may be used to adapt the rekeying interval accordingly. 相似文献
19.
一种基于时间结构树的多播密钥管理方案 总被引:3,自引:0,他引:3
随着Internet的发展,多播通信技术得到了广泛的应用.其中组密钥管理是多播安全的核心问题.文中在分析已有研究的基础上,提出了一种基于时间结构树的密钥管理方案,采用周期性的密钥更新机制,通过安全滤波器分配新的组密钥,大大减少了密钥更新时的传输消息,提高了密钥更新的效率,实现密钥更新的可靠性. 相似文献