poster on "An Efficient Improved Group Key Agreement Protocol Based on Diffie-Hellman Key Exchange "
Download as PPTX, PDF0 likes491 views
This document summarizes a seminar presentation on an improved group key agreement protocol based on Diffie-Hellman key exchange. The presentation introduces traditional group key generation methods, then describes the new protocol. It has one node act as a manager to build a complete binary tree from other nodes' key information. This reduces the time complexity of group key generation from O(Nlog2N) to O(N). The protocol also efficiently handles dynamic adding and removing of nodes. It was analyzed to be secure against man-in-the-middle attacks when combined with digital signatures.
poster on "An Efficient Improved Group Key Agreement Protocol Based on Diffie-Hellman Key Exchange "
- 1. A seminar on An Efficient Improved Group Key Agreement Protocol Based on Diffie-Hellman Key Exchange Presented By: Jayant Rajurkar M-Tech (CSE) 1 1
- 2. Introduction • Traditional group key generating methods using binary-tree performs efficiently when adding or deleting nodes dynamically. • when dealing with group key among multinodes in the Internet, their time complexity grows to O(Nlog2N). • an improved group key agreement protocol based on Diffie-Hellman key exchange, which can reduce the time complexity of this situation to O(N).
- 3. ALGORITHM DESCRIPTIONS • This method of rapidly generating group key has a differences in both generating and maintaining procedures. • first there is a managing node which is responsible for gathering and dispatching information of generating group key. • second the algorithm is different between managing node and nonmanaging node to maintain its binary-tree.
- 4. Select Managing Node we should select one node as managing node preferred to select the computer with the strongest capability a s the managing node If the m nodes are equal in their computing capability, selection will be carried on according to IP addresses IP address is an unsigned 32 bits integer, so we can select the one with the smallest or the largest as the managing node.
- 5. Generate Complete Binary-tree by Managing Node each non-managing node sends its Diffie-Hellman key exchanging “ingredient” to the managing node After receiving m-1 pieces of ingredients from others and adding its own ingredient, the managing node can generate and maintain a complete binary-tree inside its memory, also calculate the group key using the binary tree.
- 6. DYNAMICALLY ADDING AND DELETING Nodes’ Dynamically Adding No matter whether it is the managing node or nonmanaging node, the updating operation for adding new node will be completed within log2N layers in itself binary-tree for each node. After updating itself, the managing node takes its responsibility to send necessary updating information packages to other non-managing nodes.
- 7. • Nodes’ Dynamically Deleting Deletion of Non-Managing Nodes: The deletion of non-managing nodes is similar to the adding, beginning with updating the information stored in the managing node, followed by sending the necessary information selected by managing node to every nonmanaging node. Deletion of Managing Node: Before deleting the managing node, a new managing node should be selected first based on the selection regulation. The previous managing node transfers its binary-tree structure to the new managing node using the old group key.
- 8. PERFORMANCE ANALYSES • This method starts computing after gathering all the needed information, which means that each inner node is calculated only once. • As a consequence, the time complexity is log2N rather than the traditional Nlog2N. • The average time complexity for non-managing • Nodes may be much smaller than log2N, because the information stored in each non-managing node is limited to the minimum received from the managing node after its selection, which largely reduces the time cost in the nonmanaging nodes.
- 9. SECURITY ANALYSES • In terms of traditional Diffie-Hellman key-exchange protocol, there is a well-known attack -- MITM (Man-InThe-Middle Attack) • The traditional MITM attack can hardly validate to this method of group key generation. • One improved MITM can hijack all the communicating paths between the managing node and other nonmanaging nodes, which works by hijacking the managing node. • we can use digital signature technology to defeat this attack. • Adding digital signature based authentication technology to the DH based key exchange protocol also has been quite common and sophisticated.
- 10. Conclusion • It can effectively reduce overlapping computing, decrease the packages sending times, and cut the time complexity from O(Nlog2N) of traditional binary-tree method down to O(N). • The non-managing nodes still maintain basic binary-tree structure, which enhances the speed of dynamically adding and deleting nodes. • Deals with MITM attack, and come up with an effective solution to this attack.
- 11. THANK YOU……