P.Naga Jyothi.et. al. / International Journal of Engineering Science and Technology Vol. 2(4), 2010, 570-573
GENERATING SECURE GROUP KEY
USING
m-ARY BASED
KEY TREE STRUCTURE
IN
SENSOR
NETWORKS
P.NAGA JYOTHI* , M.SUPRAJA* , S.SURESH**
*
Department of Information Technology , GITAM University, Visakhapatnam. **
M.R.College of Pharmacy,Vizianagaram. ABSTRACT
In the security scenario , security became a critical concern in various applications of sensor networks like pay-per-view, distribution of digital media, military, distributed information gathering, environment monitoring, patient monitoring and tracking etc., require Secure Group Communication (SGC) in sensor networks. A scalable SGC model ensures that whenever there is a membership change, new group key is computed and distributed to the remaining members in the group with minimal computation and communication cost. Handling member removal is more complex than member join event in any SGC model. The proposed scheme minimizes storage as well as communication and computation cost of end user (i.e., sensor nodes). To distribute new Group Key, one way hash functions and simple XOR operations are used.
Keywords: SecureGroup Communication, Sensor node, Group Key, Hash function. 1. Introduction
Sensor networks usually consist of a large set of distributed low power sensors scattered over the area to be monitored. The sensors have the ability to gather data and process and forward it to central node for further processing. Sensor networks are used in many applications like military sensing and tracking, environment monitoring, patient monitoring and tracking. The energy constrained nature of the sensor networks and deployment of sensor nodes in a hostile environment makes the problem of providing security to sensor networks. In a sensor network operating, we should encrypt each message from central node and every data reports from sensor nodes to central node and messages exchanged among sensor nodes to protect the message from possible enemy eavesdroppers.
To setup such a secure group, each secure multicast group is associated with one or more trusted servers responsible for managing membership to the group called as key server. When a client wants to join the group, the client and key server mutually authenticate using an authentication protocol. If the client is permitted to join the group, the key server provides it with the required keys. The keys sent to the client include the group key which is shared by all members of the group and auxiliary keys. The key server is also responsible for handling client removal and leaving event. Leaving is initiated by a client and is important in applications such as pay-per-view where a client leaving a group would like to ensure that it is no longer charged for usage. Removal of group member is usually initiated by a key server and is important in cases where the particular group member loses the access control privileges.
To prevent a new user (join operation) from reading past communications (backward access control) and a departed user (leave operation or removal) from reading future communications (forward access control), the key server has to change the group key (rekey operation) whenever group membership changes.
P.Naga Jyothi.et. al. / International Journal of Engineering Science and Technology Vol. 2(4), 2010, 570-573
Figure1: Architecture for Secure Group Key Management Scheme in Sensor Networks
The topics of key management for multiparty communications in general networks are studied and one of efficient key tree based group key management technique called Logical Key Hierarchy (LKH) is discussed[1,2,3,4,5,6]. A key update in this scheme requires O(log2 N) messages where N is the size of the group. In this scheme each user has to store log2 N keys (i.e., keys along the path from leaf to the root) and the key server has to maintain a tree of O (N) keys.
The scheme proposed in uses the LKH scheme and uses a binary tree, but with only two keys at every level. This reduces total number of keys at the server from O (N) to O (h) where h is the height of the tree. But storage at each user remains at O (log2 N). The scheme discussed and extends the scheme to m-ary tree instead of binary tree, which reduces the user side storage from O (log2 N) as to O (logm N)[2]. In tree based key management schemes each user shares a key called private key with the key server and key at the root of the tree is the group key which is shared by all users in the group. Other keys (other than private key and group key) are called auxiliary keys (key encryption keys) which are known only for certain subset of users and are used to encrypt new group key whenever there is a group membership change.
In this paper, a tree-based key management technique for SGC in sensor networks. The scheme uses m-ary tree and at each level m keys are maintained. Whenever a node is compromised new group key is selected and distributed to other nodes. The encryption keys that are required to send new group key GK1 securely are computed. The new group key is distributed to group members without performing any encryptions. Our scheme distributes new group key to the remaining group members with minimum number of messages as compared to the scheme in [7]. In our scheme, in order to avoid the leaving members using auxiliary keys to learn the new group key, auxiliary keys are also updated.
2. Motivation
In [4] binary tree structure is used. When the group is large, the number of levels in the binary tree will be more, which increases number of keys at user, extending the scheme to m-ary tree will reduce the height of the tree reducing number of keys at each user. At the same time we should consider server side storage i.e., number of keys
P.Naga Jyothi.et. al. / International Journal of Engineering Science and Technology Vol. 2(4), 2010, 570-573 at every level of the key tree. In [8] two keys are maintained at every level of the key tree, extending the scheme to m-ary tree will result in maintaining m keys.
For a group size n, if d is the height of the binary tree, it results in storing 2*d keys at the server. For the same value of n, if d1 is the height of the m-ary tree, then m*d1 keys are to be stored at the server. We can have the relation,
n = 2d = md d1 = d/log2 m
Number of keys at server in m-ary tree in terms of d can be represented as m*(d/log2 m), which illustrates that as m increases, number of keys at server will increases, which violates our motto. Hence in order to maintain minimum number of keys both at user and server, following relation has to be satisfied:
( m*d/log2 m) ≤ 2*d which is true only if m ≤ 4. 3. Model and Notations
Figure.2: Key tree structure showing UIDs and keys of users in the group, auxiliary keys and group key
Keys:
Sensor nodes S0, S4, S8, S12 are assigned with key K0 Sensor nodes S1, S5, S9, S13 are assigned with key K1 Sensor nodes S2, S6, S10, S14 are assigned with key K2 Sensor nodes S3, S7, S11, S15 are assigned with key K3
Auxiliary Keys: K10, K11, K12, K13 are auxiliary keys at level 1
GK : is the Group Key shared by all the sensor nodes S0 through S15 4. Procedure for finding new Secret Key
Using Hash function the method used to communicate the new secret key is as follows: central node computes the hash ([9, 10] of a shared key (i.e., key known to central node and authorized node) say ks i.e., H(ks) of the encryption key and XOR’s with new secret key knew to be communicated.
kcomm H(ks) knew
P.Naga Jyothi.et. al. / International Journal of Engineering Science and Technology Vol. 2(4), 2010, 570-573 After getting kcomm nodes having ks compute H(ks) and XOR’s with kcomm which yields new secret key knew. i.e., knew H(ks) kcomm
5. Key Distribution
The encryption keys computed using the method of [11] are used to communicate new group key to the existing nodes without actually performing any encryption. Messages send by central node to group members by using the hash of the encryption keys that are known to compromised nodes. Hence using the keys of the compromised nodes it is not possible to get any information regarding new group key. In order to avoid attackers decrypting any message in the next time interval we perform two operations. First, each remaining node along with path from the leaving point will compute new auxiliary key using the method, F ( auxiliary key, new group key ) ( auxiliary key) XOR ( new group key ). Second, every key used to compute the hash value is incremented by one (1). In this scheme to communicate new group key securely we are not using any encryption instead all communications are by using hash values and XOR operations which will reduce the communication overhead i.e., rekeying cost is reduced.
6. Member Removal (Leave)
A. Single Member Removal:
If a single member wants to leave the multicast group voluntarily or is removed from the group, a new group key must be computed and distributed to the remaining members in the group, so that leaving member will not be able to decrypt the future messages. The rekeying method used when a single member leaves the group is similar to the one used in [12]. In fig.1 if the node S2 leaves, the rekey message to distribute new group key, GK1 is
[ {GK1}K0 ║ {GK1}K1 ║ {GK1}K3 ║ {GK1}K11 ║ {GK1}K12 ║{GK1}K13 ]
After distributing new group key to remaining members in the multicast group securely, auxiliary keys are updated using the function F as follows:
F ( auxiliary key, new group key ) ( auxiliary key) XOR ( new group key ) B. Cumulative Member Removal:
Any number of members can leave the multicast group from any position in the m-ary tree. Protocol 2 in [5] handles the computation of encryption keys for cumulative removal of arbitrary members.
Conclusion
To achieve message confidentiality in Secure Group Communication we require a group key and the group key should be updated whenever a node is compromised. In our scheme server is required to store (log2 N * m) keys, along with the Group Key GK, where as the scheme in [7] requires O ( N ) keys to be stored at the server. The binary tree concept discussed in [8] is efficiently extended to m-ary tree in this paper with reduced storage at user side. New Group Key is distributed to the existing nodes using hash functions and XOR operations.
References
[1] A.Bellardie,”Scalable Multicast Key Distribution” RFC 1949, May 1996.
[2] Debby M. Wallner, Eric J. Harder, Ryan C. Agee,”Key Management for Multicast: Issues and Architectures”,Informational RFC, draft-Wallner-key-archootxt ,Jjuly ,1997.
[3] H.Harney, C.Muckenhirn, ”Group Key ManagementProtocol (GKMP) Architecture”, RFC 2094, July,1997. [4] H.Harney, C.Muckenhirn, ”Group Key Management Protocol (GKMP) Specifications”, RFC 2093, July,1997. [5] D.McGrew and A. Sherman. ”Key establishment in large dynamic groups using one way function trees”.. Available
athttp://www.cs.umbc.edu/ sherman/papers/itse.ps, May 1998.
[6] A.Perrig, D.Song and J.Tygar, ”ELK: A new protocol for efficient large-group key distribution”.In Proceedings of the 2001 IEEE symposium on Security and Privacy, 2001.
[7] Chung kei wong, Mohamed Gouda, and Simon S Lam, “Secure Group Communication Using Key Graphs”, proceedingsof
ACMSIGCOMM, Vancouver, British Columbia, September 1998.
[8] I.Chang, R.Engel, D.Kandlur, D.Pendarakis and D.Daha. “Key management for secure internet secure internet multicast using Boolean function minimization techniuue”. ACM SIGCOMM’99. March 1999.
[9] R.Rivest. The MD5 message-digest algorithm. RFC 1321,April 1992. [10] N.F.P.180-1. Secure hash standard.Draft, NIST, May 1994.
[11] A.Chandha, Y.Liu and S.K.Das, “Group Key distribution via local collaboration in wireless sensor networks”, in IEEE International Conference on Sensor and AdHoc Communications and Networks(SECON), 2006.
[12] A.S.Poornima, R.Aparna and B.B.Amberker. “Storage and Rekeying cost for Cumulative Member removal in Secure Group
communication “, International Journal of computer Science and Network security, Vol. 7 No. 9 pp. 21, 2-218,2007.
