Conference Paper

GKMPAN: an efficient group rekeying scheme for secure multicast in ad-hoc networks

Center for Secure Inf. Syst., George Mason Univ., Fairfax, VA, USA
DOI: 10.1109/MOBIQ.2004.1331709 Conference: Mobile and Ubiquitous Systems: Networking and Services, 2004. MOBIQUITOUS 2004. The First Annual International Conference on
Source: IEEE Xplore

ABSTRACT We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both a host and a router, and distributes the group key to member nodes via a secure hop-by-hop propagation scheme. A probabilistic scheme based on predeployed symmetric keys is used for implementing secure channels between members for group key distribution. GKMPAN also includes a novel distributed scheme for efficiently updating the predeployed keys. GKMPAN has three attractive properties. First, it is significantly more efficient than group rekeying schemes that were adapted from those proposed for wired networks. Second, GKMPAN has the property of partial statelessness; that is, a node can decode the current group key even if it has missed a certain number of previous group rekeying operations. This makes it very attractive for ad hoc networks where nodes may lose packets due to transmission link errors or temporary network partitions. Third, in GKMPAN the key server does not need any information about the topology of the ad hoc network or the geographic location of the members of the group. We study the security and performance of GKMPAN through detailed analysis and simulation.

1 Follower
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Many multicast-based applications (e.g., pay-per-view, online auction, and teleconferencing) require a secure communication model to prevent disclosure of distributed data to unauthorized users. One solution for achieving this goal is to let all members in a group share a key that is used for encrypting data. To provide backward and forward confidentiality [23] (i.e., a new member should not be allowed to decrypt the earlier communication and a revoked user should not be able to decrypt the future communication), this shared group key should be updated and redistributed to all authorized members in a secure, reliable, and timely fashion upon a membership change. This process is referred to as group rekeying.
    07/2010: pages 57-75;
  • Source
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: It is well recognized that security is vital for the reliable operation of vehicular ad hoc networks (VANETs). One of the critical security issues is the revocation of misbehaving vehicles, which is essential for the prevention of malicious vehicles from jeopardizing the safety of other vehicles. In this paper, we propose an efficient decentralized revocation (EDR) protocol based on a novel pairing-based threshold scheme and a probabilistic key distribution technique. Because of the decentralized nature of the EDR protocol, it enables a group of legitimate vehicles to perform fast revocation of a nearby misbehaving vehicle. Consequently, the EDR protocol improves the safety levels in VANETs as it diminishes the revocation vulnerability window existing in conventional certificate revocation lists (CRLs). By conducting detailed performance evaluation, the EDR protocol is demonstrated to be reliable, efficient, and scalable.
    IEEE Transactions on Vehicular Technology 12/2009; DOI:10.1109/TVT.2009.2023662 · 2.64 Impact Factor

Preview (2 Sources)

Available from