Key Management
SoS Newsletter- Advanced Book Block
Successful key management is critical to the security of any cryptosystem. It is perhaps the most difficult part of cryptography including as it does system policy, user training, organizational and departmental interactions, and coordination between all of these elements and includes dealing with the generation, exchange, storage, use, and replacement of keys, key servers, cryptographic protocols, and user procedures. For researchers, key management is a challenge to create larger scale and faster systems to operate within the cloud and other complex environments, while ensuring validity and not adding weight to the process. The research cited here was presented or published in the first half of 2014.
- Talawar, S.H.; Maity, S.; Hansdah, R.C., "Secure Routing with an Integrated Localized Key Management Protocol in MANETs," Advanced Information Networking and Applications (AINA), 2014 IEEE 28th International Conference on , vol., no., pp.605,612, 13-16 May 2014. doi: 10.1109/AINA.2014.74 A routing protocol in a mobile ad hoc network (MANET) should be secure against both the outside attackers which do not hold valid security credentials and the inside attackers which are the compromised nodes in the network. The outside attackers can be prevented with the help of an efficient key management protocol and cryptography. However, to prevent inside attackers, it should be accompanied with an intrusion detection system (IDS). In this paper, we propose a novel secure routing with an integrated localized key management (SR-LKM) protocol, which is aimed to prevent both inside and outside attackers. The localized key management mechanism is not dependent on any routing protocol. Thus, unlike many other existing schemes, the protocol does not suffer from the key management - secure routing interdependency problem. The key management mechanism is lightweight as it optimizes the use of public key cryptography with the help of a novel neighbor based handshaking and Least Common Multiple (LCM) based broadcast key distribution mechanism. The protocol is storage scalable and its efficiency is confirmed by the results obtained from simulation experiments.
Keywords: cryptographic protocols; mobile ad hoc networks; public key cryptography ;routing protocols; MANET; broadcast key distribution mechanism; integrated localized key management protocol; intrusion detection system; key management protocol; mobile ad hoc network; neighbor based handshaking and least common multiple; public key cryptography; routing protocol; routing security; Ad hoc networks; Authentication; Mobile computing; Public key; Routing; Routing protocols ;Intrusion Detection System (IDS); Key Management; Mobile Ad hoc Network (MANET); Secure Routing (ID#:14-2149)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6838720&isnumber=6838626
- Zhang, Ying; Pengfei, Ji, "An Efficient And Hybrid Key Management For Heterogeneous Wireless Sensor Networks," Control and Decision Conference (2014 CCDC), The 26th Chinese , vol., no., pp.1881,1885, May 31 2014-June 2 2014. doi: 10.1109/CCDC.2014.6852476 Key management is the core to ensure the communication security of wireless sensor network. How to establish efficient key management in wireless sensor networks (WSN) is a challenging problem for the constrained energy, memory, and computational capabilities of the sensor nodes. Previous research on sensor network security mainly considers homogeneous sensor networks with symmetric key cryptography. Recent researches have shown that using asymmetric key cryptography in heterogeneous sensor networks (HSN) can improve network performance, such as connectivity, resilience, etc. Considering the advantages and disadvantages of symmetric key cryptography and asymmetric key cryptography, the paper propose an efficient and hybrid key management method for heterogeneous wireless sensor network, cluster heads and base stations use public key encryption method based on elliptic curve cryptography (ECC), while using symmetric encryption method between adjacent nodes in the cluster. The analysis and simulation results show that the proposed key management method can provide better security, prefect scalability and connectivity with saving on storage space.
Keywords: Elliptic curve cryptography; Encryption; Energy consumption; Wireless sensor networks; Elliptic Curve Cryptography; Heterogeneous Wireless Sensor Networks; Key Management; Symmetric Encryption (ID#:14-2150)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6852476&isnumber=6852105
- Nicanfar, H.; Jokar, P.; Beznosov, K.; Leung, V.C.M., "Efficient Authentication and Key Management Mechanisms for Smart Grid Communications," Systems Journal, IEEE, vol.8, no.2, pp.629, 640, June 2014. doi: 10.1109/JSYST.2013.2260942 A smart grid (SG) consists of many subsystems and networks, all working together as a system of systems, many of which are vulnerable and can be attacked remotely. Therefore, security has been identified as one of the most challenging topics in SG development, and designing a mutual authentication scheme and a key management protocol is the first important step. This paper proposes an efficient scheme that mutually authenticates a smart meter of a home area network and an authentication server in SG by utilizing an initial password, by decreasing the number of steps in the secure remote password protocol from five to three and the number of exchanged packets from four to three. Furthermore, we propose an efficient key management protocol based on our enhanced identity-based cryptography for secure SG communications using the public key infrastructure. Our proposed mechanisms are capable of preventing various attacks while reducing the management overhead. The improved efficiency for key management is realized by periodically refreshing all public/private key pairs as well as any multicast keys in all the nodes using only one newly generated function broadcasted by the key generator entity. Security and performance analyses are presented to demonstrate these desirable attributes.
Keywords: authorization; cryptographic protocols; home networks; public key cryptography; smart power grids; authentication server; home area network; identity-based cryptography; initial password; key generator entity; key management protocol; management overhead; public key infrastructure; public-private key pairs; secure remote password protocol; smart grid communications; Enhanced identity-based cryptography (EIBC);key management; mutual authentication; secure remote password (SRP);security ;smart grid (SG); smart meter (SM) (ID#:14-2151)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6553352&isnumber=6819870
- Kodali, Ravi Kishore, "Key Management Technique for WSNs," Region 10 Symposium, 2014 IEEE , vol., no., pp.540,545, 14-16 April 2014. doi: 10.1109/TENCONSpring.2014.6863093 In Wireless sensor networks (WSNs), many tiny sensor nodes communicate using wireless links and collaborate with each other. The data collected by each of the nodes is communicated towards the gateway node after carrying out aggregation of the data by different nodes. It is necessary to secure the data collected by the WSN nodes while they communicate among themselves using multi hop wireless links. To meet this objective it is required to make use of energy efficient cryptographic algorithms so that the same can be ported over the resource constrained nodes. It is needed to create trust initially among the WSN nodes while using any of the cryptographic algorithms. Towards this, a key management technique needs to be made use of. Due to the resource constrained nature of the WSN nodes and the remote deployment of the nodes, an implementation of conventional key management techniques is infeasible. This work proposes a key management technique, with its reduced resource overheads, which is highly suited to be used in hierarchical WSN applications. Both Identity based key management (IBK) and probabilistic key pre-distribution schemes are made use of at different hierarchical levels. The proposed key management technique has been implemented using IRIS WSN nodes. A comparison of resource overheads has also been carried out.
Keywords: IBK; Key management; WSN; security (ID#:14-2152)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6863093&isnumber=6862973
- Jin Li; Xiaofeng Chen; Mingqiang Li; Jingwei Li; Lee, P.P.C.; Wenjing Lou, "Secure Deduplication with Efficient and Reliable Convergent Key Management," Parallel and Distributed Systems, IEEE Transactions on, vol.25, no.6, pp.1615,1625, June 2014. doi: 10.1109/TPDS.2013.284 Data deduplication is a technique for eliminating duplicate copies of data, and has been widely used in cloud storage to reduce storage space and upload bandwidth. Promising as it is, an arising challenge is to perform secure deduplication in cloud storage. Although convergent encryption has been extensively adopted for secure deduplication, a critical issue of making convergent encryption practical is to efficiently and reliably manage a huge number of convergent keys. This paper makes the first attempt to formally address the problem of achieving efficient and reliable key management in secure deduplication. We first introduce a baseline approach in which each user holds an independent master key for encrypting the convergent keys and outsourcing them to the cloud. However, such a baseline key management scheme generates an enormous number of keys with the increasing number of users and requires users to dedicatedly protect the master keys. To this end, we propose Dekey , a new construction in which users do not need to manage any keys on their own but instead securely distribute the convergent key shares across multiple servers. Security analysis demonstrates that Dekey is secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement Dekey using the Ramp secret sharing scheme and demonstrate that Dekey incurs limited overhead in realistic environments.
Keywords: cloud computing; private key cryptography; public key cryptography; storage management; Dekey; Ramp secret sharing scheme; baseline key management scheme; cloud storage; convergent encryption; data deduplication; reliable convergent key management; secure deduplication; security model; storage space reduction; Bismuth; Educational institutions;Encryption;Reliability;Servers;Deduplication;convergent encryption; key management; proof of ownership (ID#:14-2153)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6658753&isnumber=6814303
- Abdallah, W.; Boudriga, N.; Daehee Kim; Sunshin An, "An Efficient And Scalable Key Management Mechanism For Wireless Sensor Networks," Advanced Communication Technology (ICACT), 2014 16th International Conference on , vol., no., pp.687,692, 16-19 Feb. 2014. doi: 10.1109/ICACT.2014.6779051 A major issue to secure wireless sensor networks is key distribution. Current key distribution schemes are not fully adapted to the tiny, low-cost, and fragile sensors with limited computation capability, reduced memory size, and battery-based power supply. This paper investigates the design of an efficient key distribution and management scheme for wireless sensor networks. The proposed scheme can ensure the generation and distribution of different encryption keys intended to secure individual and group communications. This is performed based on elliptic curve public key encryption using Diffie-Hellman like key exchange and secret sharing techniques that are applied at different levels of the network topology. This scheme is more efficient and less complex than existing approaches, due to the reduced communication and processing overheads required to accomplish key exchange. Furthermore, few keys with reduced sizes are managed in sensor nodes which optimizes memory usage, and enhances scalability to large size networks.
Keywords: public key cryptography ;telecommunication network management; telecommunication network topology; telecommunication security; wireless sensor networks; Diffie-Hellman like key exchange; battery-based power supply; elliptic curve public key encryption; encryption keys; group communications; key distribution schemes; large size networks ;limited computation capability; network topology; processing overheads; reduced memory size; scalable key management mechanism; secret sharing techniques; secure wireless sensor networks; sensor nodes; Base stations; Elliptic curves; Public key; Sensors; Wireless sensor networks; Elliptic curve cryptography; Key management; Security; Wireless sensor networks (ID#:14-2154)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6779051&isnumber=6778899
- Vijayakumar, P.; Bose, S.; Kannan, A, "Chinese Remainder Theorem Based Centralized Group Key Management For Secure Multicast Communication," Information Security, IET , vol.8, no.3, pp.179,187, May 2014. doi: 10.1049/iet-ifs.2012.0352 Designing a centralized group key management with minimal computation complexity to support dynamic secure multicast communication is a challenging issue in secure multimedia multicast. In this study, the authors propose a Chinese remainder theorem-based group key management scheme that drastically reduces computation complexity of the key server. The computation complexity of key server is reduced to O(1) in this proposed algorithm. Moreover, the computation complexity of group member is also minimized by performing one modulo division operation when a user join or leave operation is performed in a multicast group. The proposed algorithm has been implemented and tested using a key-star-based key management scheme and has been observed that this proposed algorithm reduces the computation complexity significantly.
Keywords: communication complexity; multicast communication; multimedia communication; telecommunication security; Chinese remainder theorem; centralized group key management; computation complexity; secure multimedia multicast communication (ID#:14-2155)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6786958&isnumber=6786849
- Buchade, AR.; Ingle, R., "Key Management for Cloud Data Storage: Methods and Comparisons," Advanced Computing & Communication Technologies (ACCT), 2014 Fourth International Conference on , vol., no., pp.263,270, 8-9 Feb. 2014. doi: 10.1109/ACCT.2014.78 Cloud computing paradigm is being used because of its low up-front cost. In recent years, even mobile phone users store their data at Cloud. Customer information stored at Cloud needs to be protected against potential intruders as well as cloud service provider. There is threat to the data in transit and data at cloud due to different possible attacks. Organizations are transferring important information to the Cloud that increases concern over security of data. Cryptography is common approach to protect the sensitive information in Cloud. Cryptography involves managing encryption and decryption keys. In this paper, we compare key management methods, apply key management methods to various cloud environments and analyze symmetric key cryptography algorithms.
Keywords: cloud computing; cryptography; storage management; cloud computing paradigm; cloud data storage; cloud service provider; data security; decryption key management; encryption key management; potential intruders; sensitive information protection; symmetric key cryptography algorithms; Cloud computing; Communities; Memory; Organizations; Public key; Servers; Key management; applications; cloud scenarios; onsite cloud ;outsourced cloud; public cloud; symmetric key (ID#:14-2156)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6783462&isnumber=6783406
- Lalitha, T.; Devi, AJ., "Security in Wireless Sensor Networks: Key Management Module in EECBKM," Computing and Communication Technologies (WCCCT), 2014 World Congress on , vol., no., pp.306,308, Feb. 27 2014-March 1 2014. doi: 10.1109/WCCCT.2014.12 Wireless Sensor Networks (WSN) is vulnerable to node capture attacks in which an attacker can capture one or more sensor nodes and reveal all stored security information which enables him to compromise a part of the WSN communications. Due to large number of sensor nodes and lack of information about deployment and hardware capabilities of sensor node, key management in wireless sensor networks has become a complex task. Limited memory resources and energy constraints are the other issues of key management in WSN. Hence an efficient key management scheme is necessary which reduces the impact of node capture attacks and consume less energy. By simulation results, we show that our proposed technique efficiently increases packet delivery ratio with reduced energy consumption.
Keywords: telecommunication network management; telecommunication security; wireless sensor networks; EECBKM; WSN communication; energy constraint; energy consumption; key management module; limited memory resource; node capture attack; packet delivery ratio;s ecurity information; wireless sensor network; Authentication; Cryptography; Nickel; Routing; Routing protocols; Wireless sensor networks; Authentication; Key Management; Security (ID#:14-2157)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6755165&isnumber=6755083
- Gandino, F.; Montrucchio, B.; Rebaudengo, M., "Key Management for Static Wireless Sensor Networks With Node Adding," Industrial Informatics, IEEE Transactions on , vol.10, no.2, pp.1133,1143, May 2014. doi: 10.1109/TII.2013.2288063 Wireless sensor networks offer benefits in several applications but are vulnerable to various security threats, such as eavesdropping and hardware tampering. In order to reach secure communications among nodes, many approaches employ symmetric encryption. Several key management schemes have been proposed in order to establish symmetric keys. The paper presents an innovative key management scheme called random seed distribution with transitory master key, which adopts the random distribution of secret material and a transitory master key used to generate pairwise keys. The proposed approach addresses the main drawbacks of the previous approaches based on these techniques. Moreover, it overperforms the state-of-the-art protocols by providing always a high security level.
Keywords: cryptographic protocols; random processes; telecommunication network management; telecommunication security; wireless sensor networks; eavesdropping; hardware tampering; protocol; random seed distribution; secure communication; security threat; static wireless sensor network; symmetric encryption; symmetric key management scheme; transitory master key; Cryptography; Informatics; Knowledge engineering; Materials; Protocols; Wireless sensor networks; Key management; random key distribution; transitory master key; wireless sensor networks (WSNs) (ID#:14-2158)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6651779&isnumber=6809862
- Young Sil Lee; Alasaarela, E.; HoonJae Lee, "Secure Key Management Scheme Based On ECC Algorithm For Patient's Medical Information In Healthcare System," Information Networking (ICOIN), 2014 International Conference on , vol., no., pp.453,457, 10-12 Feb. 2014. doi: 10.1109/ICOIN.2014.6799723 Recent advances in Wireless Sensor Networks have given rise to many application areas in healthcare such as the new field of Wireless Body Area Networks. The health status of humans can be tracked and monitored using wearable and non-wearable sensor devices. Security in WBAN is very important to guarantee and protect the patient's personal sensitive data and establishing secure communications between BAN sensors and external users is key to addressing prevalent security and privacy concerns. In this paper, we propose secure and efficient key management scheme based on ECC algorithm to protect patient's medical information in healthcare system. Our scheme divided into three phases as setup, registration, verification and key exchange. And we use the identification code which is the SIM card number on a patient's smart phone with the private key generated by the legal use instead of the third party. Also to prevent the replay attack, we use counter number at every process of authenticated message exchange to resist.
Keywords: body area networks; health care; medical information systems; message authentication; public key cryptography; ECC algorithm; WBAN; authenticated message exchange; healthcare system; patient medical information protection; secure key management scheme; wireless body area networks; wireless sensor networks; Elliptic curve cryptography ;Elliptic curves; Medical services; Sensors; Wireless sensor networks; Elliptic curve Cryptography; body area sensor network security; healthcare security; key management; secure communication (ID#:14-2159)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6799723&isnumber=6799467
- Pura, Mihai Lica; Buchs, Didier, "A Self-Organized Key Management Scheme For Ad Hoc Networks Based On Identity-Based Cryptography," Communications (COMM), 2014 10th International Conference on , vol., no., pp.1,4, 29-31 May 2014. doi: 10.1109/ICComm.2014.6866683 Abstract: Ad hoc networks represent a very modern technology for providing communication between devices without the need of any prior infrastructure set up, and thus in an "on the spot" manner. But there is a catch: so far there isn't any security scheme that would suit the ad hoc properties of this type of networks and that would also accomplish the needed security objectives. The most promising proposals are the self-organized schemes. This paper presents a work in progress aiming at developing a new self-organized key management scheme that uses identity based cryptography for making impossible some of the attacks that can be performed over the schemes proposed so far, while preserving their advantages. The paper starts with a survey of the most important self-organized key management schemes and a short analysis of the advantages and disadvantages they have. Then, it presents our new scheme, and by using informal analysis, it presents the advantages it has over the other proposals.
Keywords: ad hoc networks; identity based cryptography; key management; security; self-organization (ID#:14-2160)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6866683&isnumber=6866648
- Tang, S.; Xu, L.; Liu, N.; Huang, X.; Ding, J.; Yang, Z., "Provably Secure Group Key Management Approach Based upon Hyper-Sphere," Parallel and Distributed Systems, IEEE Transactions on, vol. PP, no.99, pp.1,1, January 2014. doi: 10.1109/TPDS.2013.2297917 This supplementary file consists of three sections. In Section I, a theorem is presented to prove that the number of points on a hyper-sphere over finite field GF(p) is at least pN1 for a given hyper-sphere determined by C = (c0; c1; : : : ; cN) 2 GF(p)N+1 and R 2 GF(p), where p is a prime. In Section II, a concrete algorithm to find a point on a hyper-sphere is constructed. In Section III, two lemmas and a theorem are proposed and proven, then the security of the proposed group key management scheme is proven formally.
Keywords: Algorithm design and analysis; Concrete; Educational institutions; Galois fields; Protocols; Security; Vectors (ID#:14-2161)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6714432&isnumber=4359390
- Jian Zhou, Liyan Sun, Xianwei Zhou, Junde Song, "High Performance Group Merging/Splitting Scheme for Group Key Management," Wireless Personal Communications: An International Journal, Volume 75 Issue 2, March 2014, Pages 1529-1545. doi>10.1007/s11277-013-1436-x The group merging/splitting event is different to the joining/leaving events in which only a member joins or leaves group, but in the group merging/splitting event two small groups merge together into a group or a group is divided into two independent parts. Rekeying is an importance issue for key management whose target is to guarantee forward security and backward security in case of membership changes, however rekeying efficiency is related to group scale in most existing group key management schemes, so as to those schemes are not suitable to the applications whose rekeying time delay is limited strictly. In particular, multiple members are involved in the group merging/splitting event, thus the rekeying performance becomes a worried problem. In this paper, a high performance group merging/splitting group key management scheme is proposed based on an one-encryption-key multi-decryption-key key protocol, in the proposed scheme each member has an unique decryption key that is corresponding to a common encryption key so as to only the common encryption key is updated when the group merging/splitting event happens, however the secret decryption key still keeps unchanged. In efficiency aspect, since no more than a message on merging/splitting event is sent, at time the network load is reduced since only a group member's key material is enough for other group members to agree a fresh common encryption key. In security aspect, our proposed scheme achieves the key management security requirements including passive security, forward security, backward security and key independence. Therefore, our proposed scheme is suitable to the dynamitic networks that the rekeying time delay is limited strictly such as tolerate delay networks.
Keywords: Group key management, Group merging/splitting operation, One-encryption-key multi-decryption-key key protocol, Rekeying, Time delay (ID#:14-2162)
URL: http://dl.acm.org/citation.cfm?id=2583852.2583893&coll=DL&dl=GUIDE&CFID=397708923&CFTOKEN=12634367 or http://dx.doi.org/10.1007/s11277-013-1436-x
- Vanga Odelu, Ashok Kumar Das, Adrijit Goswami, "A Secure Effective Key Management Scheme For Dynamic Access Control In A Large Leaf Class Hierarchy," Information Sciences: an International Journal, Volume 269, June, 2014, Pages 270-285. doi>10.1016/j.ins.2013.10.022 Lo et al. (2011) proposed an efficient key assignment scheme for access control in a large leaf class hierarchy where the alternations in leaf classes are more frequent than in non-leaf classes in the hierarchy. Their scheme is based on the public-key cryptosystem and hash function where operations like modular exponentiations are very much costly compared to symmetric-key encryptions and decryptions, and hash computations. Their scheme performs better than the previously proposed schemes. However, in this paper, we show that Lo et al.'s scheme fails to preserve the forward security property where a security class C"x can also derive the secret keys of its successor classes C"j's even after deleting the security class C"x from the hierarchy. We aim to propose a new key management scheme for dynamic access control in a large leaf class hierarchy, which makes use of symmetric-key cryptosystem and one-way hash function. We show that our scheme requires significantly less storage and computational overheads as compared to Lo et al.'s scheme and other related schemes. Through the informal and formal security analysis, we further show that our scheme is secure against all possible attacks including the forward security. In addition, our scheme supports efficiently dynamic access control problems compared to Lo et al.'s scheme and other related schemes. Thus, higher security along with low storage and computational costs make our scheme more suitable for practical applications compared to other schemes.
Keywords: Access control, Hash function, Hierarchy, Key management, Security, Symmetric-key cryptosystem (ID#:14-2163)
URL: http://dl.acm.org/citation.cfm?id=2598931.2599025&coll=DL&dl=GUIDE&CFID=397708923&CFTOKEN=12634367 or http://dx.doi.org/10.1016/j.ins.2013.10.022
- Alireza T. Boloorchi, M. H. Samadzadeh, T. Chen, "Symmetric Threshold Multipath (STM): An Online Symmetric Key Management Scheme," Information Sciences: an International Journal, Volume 268, June, 2014, Pages 489-504. doi>10.1016/j.ins.2013.12.017 The threshold secret sharing technique has been used extensively in cryptography. This technique is used for splitting secrets into shares and distributing the shares in a network to provide protection against attacks and to reduce the possibility of loss of information. In this paper, a new approach is introduced to enhance communication security among the nodes in a network based on the threshold secret sharing technique and traditional symmetric key management. The proposed scheme aims to enhance security of symmetric key distribution in a network. In the proposed scheme, key distribution is online which means key management is conducted whenever a message needs to be communicated. The basic idea is encrypting a message with a key (the secret) at the sender, then splitting the key into shares and sending the shares from different paths to the destination. Furthermore, a Pre-Distributed Shared Key scheme is utilized for more secure transmissions of the secret's shares. The proposed scheme, with the exception of some offline management by the network controller, is distributed, i.e., the symmetric key setups and the determination of the communication paths is performed in the nodes. This approach enhances communication security among the nodes in a network that operates in hostile environments. The cost and security analyses of the proposed scheme are provided.
Keywords: Multipath communication, Online key distribution, Symmetric key management, Threshold secret sharing (ID#:14-2164)
URL: http://dl.acm.org/citation.cfm?id=2598944.2599220&coll=DL&dl=GUIDE&CFID=397708923&CFTOKEN=12634367 or http://dx.doi.org/10.1016/j.ins.2013.12.017
- Holger Kuehner, Hannes Hartenstein, "Spoilt for Choice: Graph-Based Assessment Of Key Management Protocols To Share Encrypted Data," CODASPY '14 Proceedings of the 4th ACM conference on Data and Application Security And Privacy, March 2014, Pages 147-150. doi>10.1145/2557547.2557583 Sharing data with client-side encryption requires key management. Selecting an appropriate key management protocol for a given scenario is hard, since the interdependency between scenario parameters and the resource consumption of a protocol is often only known for artificial, simplified scenarios. In this paper, we explore the resource consumption of systems that offer sharing of encrypted data within real-world scenarios, which are typically complex and determined by many parameters. For this purpose, we first collect empirical data that represents real-world scenarios by monitoring large-scale services within our organization. We then use this data to parameterize a resource consumption model that is based on the key graph generated by each key management protocol. The preliminary simulation runs we did so far indicate that this key-graph based model can be used to estimate the resource consumption of real-world systems for sharing encrypted data.
Keywords: key management protocols, workloads (ID#:14-2165)
URL: http://dl.acm.org/citation.cfm?id=2557547.2557583&coll=DL&dl=GUIDE&CFID=397708923&CFTOKEN=12634367 or http://doi.acm.org/10.1145/2557547.2557583
- Damiano Macedonio, Massimo Merro, "A Semantic Analysis Of Key Management Protocols For Wireless Sensor Networks," Science of Computer Programming, Volume 81, February, 2014, Pages 53-78. doi>10.1016/j.scico.2013.01.005 Gorrieri and Martinelli's timed Generalized Non-Deducibility on Compositions (tGNDC) schema is a well-known general framework for the formal verification of security protocols in a concurrent scenario. We generalise the tGNDC schema to verify wireless network security protocols. Our generalisation relies on a simple timed broadcasting process calculus whose operational semantics is given in terms of a labelled transition system which is used to derive a standard simulation theory. We apply our tGNDC framework to perform a security analysis of three well-known key management protocols for wireless sensor networks: @mTESLA, LEAP+ and LiSP.
Keywords: Key management protocol, Process calculus, Security analysis, Wireless sensor networks (ID#:14-2170)
URL: http://dl.acm.org/citation.cfm?id=2565891.2566132&coll=DL&dl=GUIDE&CFID=397708923&CFTOKEN=12634367 or http://dx.doi.org/10.1016/j.scico.2013.01.005
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.