共查询到16条相似文献,搜索用时 187 毫秒
1.
2.
TLCH协议是一个适用于安全组播通信且可扩展性较好的组播密钥管理协议。它基于LKH的思想,采用双层的控制者的层次结构,并使用单向函数进行密钥更新,达到了较低的计算开销。使用hash函数对TLCH组播密钥管理方案中成员加入时的密钥更新算法进行改进。与原来的TLCH相比,改进后的TLCH可以进一步降低了通信开销。 相似文献
3.
门限技术在组播密钥管理中的应用 总被引:1,自引:0,他引:1
目前组播协议以其节省带宽等优点被广泛认可,但在安全性和可靠性方面存在着一些问题。针对组播应用中所涉及到的密钥管理问题,提出一种运用动态门限技术和组播安全代理结合的方案,通过构建一个IP组播安全管理系统来实现组播密钥的分发和恢复,进而讨论了由成员加入和退出引起的密钥更新问题,最后针对该系统给出实验测试并讨论了采用此方案引起的更新代价,说明采用该方案可以较好地解决组播应用中的授权管理问题,实现安全组播。 相似文献
4.
一种新的基于身份的安全组播密钥协商方案 总被引:1,自引:0,他引:1
密钥管理是安全组播的难点。该文提出了一个新的基于身份的密钥协商方案,并具体地分析了子组之间的通信过程,以及组成员动态变化时密钥的更新过程。结果表明该方案满足密钥协商安全性要求,且在降低计算和通信代价方面取得了较好的效果。 相似文献
5.
安全组播通信使用组内所有成员共享的组密钥来加密通信内容.为了保障安全,密钥服务器需要在组成员关系改变时进行组密钥更新(rekey).由于组内成员关系的动态性和加解密操作的高代价,组密钥更新性能成为衡量组密钥管理性能的主要指标.基于密钥树(key tree)的组密钥更新方法已经被广泛地使用,并达到了对数级的组密钥更新代价.密钥树的结构需要保证平衡,否则最坏情况下组密钥更新的通信代价会达到O(n).该文提出了一种新的基于密钥树的路径洗牌算法PSA(Path Shuffling Algorithm),该算法能够将密钥树的平衡操作分散到一般的更新密钥操作中,减少了结构调整代价,从而提高了算法的性能.理论分析给出了该算法更新组密钥的平均通信代价,模拟实验也验证了这种算法更新组密钥的平均性能要优于其它同类算法. 相似文献
6.
7.
网络多媒体应用的发展,促使人们研究组播通信技术的各个方面。而使组播通信得到广泛应用的前提之一就是组播的安全。从不同的角度出发,组播安全需求表现不同。安全组播在于建立安全的群组和组播数据的机密性,组播密钥管理是安全组播的核心所在。 相似文献
8.
组播Internet密钥协商的研究与实现 总被引:2,自引:1,他引:1
IKE(Internet密钥变换)协议是IPSec协议族的重要组成之一,用于主机之间建立密钥和相关的安全参数,保护数据的传输安全。由于IKE设计之初致力于点对点之间的安全参数协商,应用于IP组播情况有许多局限之处。为了满足安全组播通信,提出了多点Internet密钥交换协议(MIKE)。MIKE基于IKE,用于多点间协商密钥和相关的安全参数。文章主要讨论了MIKE的功能和结构,根据实际的要求设计了一个MIKE的实现模型。 相似文献
9.
10.
IP组播建立在一个非封闭的传输系统上,为了实现安全组播,除了密钥加密信息,还需要下层的通讯子网提供支持,这样才能彻底实现安全封闭的组播通讯。其中讨论了一些流行的密钥管理框架,密钥更新方案以及用户管理机制。通过这些方案可以防止信息泄漏、Dos攻击、组攻击、伪造信息,从而实现了组播的安全通讯。 相似文献
11.
为了在IP组播中实现用户身份认证等安全管理,避免IP组播中的不安全因素,提出了一种运用门限技术和椭圆曲线密钥体制相结合的方案,构建一个IP组播服务系统并在其上分层实现了组播密钥的分发与恢复。最后通过实验测试给出了此方案的管理代价,证明了此方案可以很好地实现IP组播应用中的密钥管理,有效地解决了用户身份认证和授权管理问题,实现了安全IP组播。 相似文献
12.
In this paper, we present a secure group key management scheme for hierarchical mobile ad hoc networks. Our approach aims to improve both scalability and survivability of group key management for large-scale wireless ad hoc networks. To achieve our goal, we propose the following approaches: (1) a multi-level security model, which follows a modified Bell-La Padula security model that is suitable in a hierarchical mobile ad hoc networking environment, and (2) a decentralized group key management infrastructure to achieve such a multi-level security model. Our approaches reduce the key management overhead and improve resilience to any single point failure problem. In addition, we have developed a roaming protocol that is able to provide secure group communication involving group members from different groups without requiring new keys; an advantage of this protocol is that it is able to provide continuous group communication even when the group manager fails. 相似文献
13.
Abbas Mehdizadeh Raja Syamsul Azmir Raja Abdullah Fazirulhisyam Hashim Borhanuddin Mohd Ali Mohamed Othman Sabira Khatun 《Wireless Personal Communications》2013,73(3):967-991
Multicast is an efficient way to reduce the required bandwidth of transmitting data simultaneously to a group of users in wireless IPv6 networks. Nevertheless, multicast suffers from two main drawbacks which can be looked from two perspectives, namely security and QoS. With regard to security, the main challenge is to provide security protection to multicast data, which can be achieved by using a secure key management process. Considering a highly dense environment where connection of users to the network is changing frequently due to join or leave operations, key updating approach may burden a network devices with a huge amount of complex encryption/decryption processes. From the QoS perspective, multicast transmission over WLAN offers a tradeoff between the transmission rate and the coverage. The transmission rate of multicast is confined by the user with the lowest data rate in the group which is called fixed base rate problem. To address the above mentioned problems, we propose and implement a lightweight key management and data delivery scheme for multicast over wireless IPv6 networks. The proposed solution is envisaged to reduce the complexity of key updating, while at the same time is able to address the fixed base rate problem. The performance evaluation (by means of analytical and test-bed implementation) of the proposed key management method indicates its efficiency in reducing communication, computation, and storage costs, while maintaining both forward and backward securities. Moreover, the proposed data delivery method is able to improve the throughput and QoS, with low packet loss and transmission delay. 相似文献
14.
Security represents one of the major current obstacles to the wider deployment of IP multicast. The present work identifies and discusses various concepts and issues underlying multicast security. A classification of the current issues is provided, covering some core problems, infrastructure problems, and certain complex applications that might be built atop secure ip multicast. Three broad core problems are defined, namely fast and efficient source authentication for high data-rate applications, secure and scalable group key management techniques and the need for methods to express and implement policies specific to multicast security. The infrastructure problem areas cover the issues related to the security of multicast routing protocols and reliable multicast protocols. The topic of complex application covers more advanced issues, typically relating to secure group communication at (or above) the session layer which may be built using an eventual secure multicast infrastructure. A brief summary of the relevant developments, including those in the ietf, is provided. 相似文献
15.
Secure and reliable group communication is an active area of research. Its popularity is fuelled by the growing importance of group-oriented and collaborative applications. The central research challenge is secure and efficient group key management. The present paper is based on the huddle hierarchy based secure multicast group key management scheme using the most popular absolute encoder output type code named gray code. The focus is of twofolds. The first fold deals with the reduction of computation complexity which is achieved in this protocol by performing fewer multiplication operations during the key updating process. To optimize the number of multiplication operations, the fast Fourier transform, divide and conquer approach for multiplication of polynomial representation of integers, is used in this proposed work. The second fold aims at reducing the amount of information stored in the Group Center and group members while performing the update operation in the key content. Comparative analysis to illustrate the performance of various key distribution protocols is shown in this paper and it has been observed that this proposed algorithm reduces the computation and storage complexity significantly. 相似文献
16.
Melisa Hajyvahabzadeh Elina Eidkhani Seyedeh Anahita Mortazavi Alireza Nemaney?Pour 《Telecommunication Systems》2012,51(2-3):115-123
This paper presents a new group key management protocol, CKC (Code for Key Calculation) for secure IP multicast. In this protocol which is based on logical key hierarchy, only the group key needs to be sent to new member at join. Then, using the group key current members and the new member calculate the necessary keys by node codes and one-way hash function. A?node code is a random number assigned to each node to help users calculate necessary keys. Again, at leave server just sends the new group key to the remaining members. By this key, members calculate necessary keys using node codes and one-way hash function. The security of the keys is based on one-wayness of hash function. The results show that CKC reduces computational and communication overhead, and message size largely at join without increasing them at leave. 相似文献