Conference Paper

GKMPAN: An efficient group rekeying scheme for secure multicast in ad-hoc networks

Center for Secure Inf. Syst., George Mason Univ., Fairfax, VA, USA
DOI: 10.1109/MOBIQ.2004.1331709
Conference: Mobile and Ubiquitous Systems: Networking and Services, 2004. MOBIQUITOUS 2004. The First Annual International Conference on
Source: IEEE Xplore


We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both a host and a router, and distributes the group key to member nodes via a secure hop-by-hop propagation scheme. A probabilistic scheme based on predeployed symmetric keys is used for implementing secure channels between members for group key distribution. GKMPAN also includes a novel distributed scheme for efficiently updating the predeployed keys. GKMPAN has three attractive properties. First, it is significantly more efficient than group rekeying schemes that were adapted from those proposed for wired networks. Second, GKMPAN has the property of partial statelessness; that is, a node can decode the current group key even if it has missed a certain number of previous group rekeying operations. This makes it very attractive for ad hoc networks where nodes may lose packets due to transmission link errors or temporary network partitions. Third, in GKMPAN the key server does not need any information about the topology of the ad hoc network or the geographic location of the members of the group. We study the security and performance of GKMPAN through detailed analysis and simulation.

  • "The study of group key management is no longer limited to IP multicast. Recently, several group key management schemes have been proposed for wireless networks such as mobile ad hoc networks [13] [29] and sensor networks [28]."
    ABSTRACT: Many multicast-based applications (e.g., pay-per-view, online auction, and teleconferencing) require a secure communication model to prevent disclosure of distributed data to unauthorized users. One solution for achieving this goal is to let all members in a group share a key that is used for encrypting data. To provide backward and forward confidentiality [23] (i.e., a new member should not be allowed to decrypt the earlier communication and a revoked user should not be able to decrypt the future communication), this shared group key should be updated and redistributed to all authorized members in a secure, reliable, and timely fashion upon a membership change. This process is referred to as group rekeying.
    Preview · Chapter · Jul 2010
  • "The main objective of a secure group communication protocol is to ensure the data confidentiality against outsiders such that only legitimate group members can recover the group data. Existing solutions for wired networks [19] [20] [21] are not well suited for WMNs as they fail to take into consideration the multi-hop communication paradigm featured by WMNs, as well as the communication security among mesh clients within the coverage of a mesh router. These protocols also do not exploit unique features of WMNs, such as the broadcast nature of wireless communication."
    Full-text · Article · Jan 2010
  • "Zhu et al. [18] used the probabilistic approach to establish a pairwise key between the network nodes. Later, they introduced the GKMPAN, which is an efficient group rekeying scheme for secure multicast in ad-hoc networks protocol [19], which is considered the most complete work in the context of key management for ad hoc networks. The GKMPAN adopts a probabilistic key distribution technique, which is based on predeployed symmetric keys."
    ABSTRACT: It is well recognized that security is vital for the reliable operation of vehicular ad hoc networks (VANETs). One of the critical security issues is the revocation of misbehaving vehicles, which is essential for the prevention of malicious vehicles from jeopardizing the safety of other vehicles. In this paper, we propose an efficient decentralized revocation (EDR) protocol based on a novel pairing-based threshold scheme and a probabilistic key distribution technique. Because of the decentralized nature of the EDR protocol, it enables a group of legitimate vehicles to perform fast revocation of a nearby misbehaving vehicle. Consequently, the EDR protocol improves the safety levels in VANETs as it diminishes the revocation vulnerability window existing in conventional certificate revocation lists (CRLs). By conducting detailed performance evaluation, the EDR protocol is demonstrated to be reliable, efficient, and scalable.
    Preview · Article · Dec 2009 · IEEE Transactions on Vehicular Technology