GKMPAN

An efficient group rekeying scheme for secure multicast in ad-hoc networks

Sencun Zhu, Sanjeev Setia, Shouhuai Xu, Sushil Jajodia

Research output: Contribution to journalArticle

21 Citations (Scopus)

Abstract

We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both a host and a router, and distributes the group key to member nodes via a secure hop-by-hop propagation scheme. A probabilistic scheme based on pre-deployed symmetric keys is used for implementing secure channels between members for group key distribution. GKMPAN also includes a novel distributed scheme for efficiently updating the pre-deployed keys. GKMPAN has three attractive properties. First, it is significantly more efficient than group rekeying schemes that were adapted from those proposed for wired networks. Second, GKMPAN has the property of partial statelessness; that is, a node can decode the current group key even if it has missed a certain number of previous group rekeying operations. This makes it very attractive for ad hoc networks where nodes may lose packets due to transmission link errors or temporary network partitions. Third, in GKMPAN the key server does not need any information about the topology of the ad hoc network or the geographic location of the members of the group. We study the security and performance of GKMPAN through detailed analysis and simulation; we have also implemented GKMPAN in a sensor network testbed.

Original languageEnglish (US)
Pages (from-to)301-325
Number of pages25
JournalJournal of Computer Security
Volume14
Issue number4
DOIs
StatePublished - Jan 1 2006

Fingerprint

Ad hoc networks
Network protocols
Testbeds
Routers
Sensor networks
Servers
Topology

All Science Journal Classification (ASJC) codes

  • Software
  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

Zhu, Sencun ; Setia, Sanjeev ; Xu, Shouhuai ; Jajodia, Sushil. / GKMPAN : An efficient group rekeying scheme for secure multicast in ad-hoc networks. In: Journal of Computer Security. 2006 ; Vol. 14, No. 4. pp. 301-325.
@article{80d364e25414437390e1e436ed3f9d0a,
title = "GKMPAN: An efficient group rekeying scheme for secure multicast in ad-hoc networks",
abstract = "We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both a host and a router, and distributes the group key to member nodes via a secure hop-by-hop propagation scheme. A probabilistic scheme based on pre-deployed symmetric keys is used for implementing secure channels between members for group key distribution. GKMPAN also includes a novel distributed scheme for efficiently updating the pre-deployed keys. GKMPAN has three attractive properties. First, it is significantly more efficient than group rekeying schemes that were adapted from those proposed for wired networks. Second, GKMPAN has the property of partial statelessness; that is, a node can decode the current group key even if it has missed a certain number of previous group rekeying operations. This makes it very attractive for ad hoc networks where nodes may lose packets due to transmission link errors or temporary network partitions. Third, in GKMPAN the key server does not need any information about the topology of the ad hoc network or the geographic location of the members of the group. We study the security and performance of GKMPAN through detailed analysis and simulation; we have also implemented GKMPAN in a sensor network testbed.",
author = "Sencun Zhu and Sanjeev Setia and Shouhuai Xu and Sushil Jajodia",
year = "2006",
month = "1",
day = "1",
doi = "10.3233/JCS-2006-14401",
language = "English (US)",
volume = "14",
pages = "301--325",
journal = "Journal of Computer Security",
issn = "0926-227X",
publisher = "IOS Press",
number = "4",

}

GKMPAN : An efficient group rekeying scheme for secure multicast in ad-hoc networks. / Zhu, Sencun; Setia, Sanjeev; Xu, Shouhuai; Jajodia, Sushil.

In: Journal of Computer Security, Vol. 14, No. 4, 01.01.2006, p. 301-325.

Research output: Contribution to journalArticle

TY - JOUR

T1 - GKMPAN

T2 - An efficient group rekeying scheme for secure multicast in ad-hoc networks

AU - Zhu, Sencun

AU - Setia, Sanjeev

AU - Xu, Shouhuai

AU - Jajodia, Sushil

PY - 2006/1/1

Y1 - 2006/1/1

N2 - We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both a host and a router, and distributes the group key to member nodes via a secure hop-by-hop propagation scheme. A probabilistic scheme based on pre-deployed symmetric keys is used for implementing secure channels between members for group key distribution. GKMPAN also includes a novel distributed scheme for efficiently updating the pre-deployed keys. GKMPAN has three attractive properties. First, it is significantly more efficient than group rekeying schemes that were adapted from those proposed for wired networks. Second, GKMPAN has the property of partial statelessness; that is, a node can decode the current group key even if it has missed a certain number of previous group rekeying operations. This makes it very attractive for ad hoc networks where nodes may lose packets due to transmission link errors or temporary network partitions. Third, in GKMPAN the key server does not need any information about the topology of the ad hoc network or the geographic location of the members of the group. We study the security and performance of GKMPAN through detailed analysis and simulation; we have also implemented GKMPAN in a sensor network testbed.

AB - We present GKMPAN, an efficient and scalable group rekeying protocol for secure multicast in ad hoc networks. Our protocol exploits the property of ad hoc networks that each member of a group is both a host and a router, and distributes the group key to member nodes via a secure hop-by-hop propagation scheme. A probabilistic scheme based on pre-deployed symmetric keys is used for implementing secure channels between members for group key distribution. GKMPAN also includes a novel distributed scheme for efficiently updating the pre-deployed keys. GKMPAN has three attractive properties. First, it is significantly more efficient than group rekeying schemes that were adapted from those proposed for wired networks. Second, GKMPAN has the property of partial statelessness; that is, a node can decode the current group key even if it has missed a certain number of previous group rekeying operations. This makes it very attractive for ad hoc networks where nodes may lose packets due to transmission link errors or temporary network partitions. Third, in GKMPAN the key server does not need any information about the topology of the ad hoc network or the geographic location of the members of the group. We study the security and performance of GKMPAN through detailed analysis and simulation; we have also implemented GKMPAN in a sensor network testbed.

UR - http://www.scopus.com/inward/record.url?scp=33750258287&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33750258287&partnerID=8YFLogxK

U2 - 10.3233/JCS-2006-14401

DO - 10.3233/JCS-2006-14401

M3 - Article

VL - 14

SP - 301

EP - 325

JO - Journal of Computer Security

JF - Journal of Computer Security

SN - 0926-227X

IS - 4

ER -