Many modern computing environments involve dynamic peer groups. Distributed simulation, multi-user games, conferencing and replicated servers are just a few examples. Given the openness of today's networks, communication among group members must be secure and, at the same time, efficient. This paper studies the problem of authenticated key agreement in dynamic peer groups with the emphasis on efficient and provably secure key authentication, key confirmation and integrity. It begins by considering 2-party authenticated key agreement and extends the results to Group Diffie-Hellman key agreement. In the process, some new security properties (unique to groups) are discussed. 1 Introduction This paper is concerned with security services in the context of dynamic peer groups (DPGs). Such groups are common in many network protocol layers and in many areas of modern computing and the solution to their security needs, in particular key management, are still open research challenges [19]. Exa...

Multicast services and wireless interconnection networks are among the emerging technologies of the last decade. They drove the development of efficient one-to-many and many-to-many communication primitives and they raised the need for secure multicast services as well. On the other side, technology advances have made possible a wide spectrum of portable computing devices, ranging from fully equipped powerful laptop computers to hand held PDAs with non negligible interconnection and computing capabilities. A wealth of research has been separately performed in the areas of secure multicast and wireless interconnection networks. In this paper we investigate the issues of designing secure multicast services in wireless mobile environments for dynamic groups. We analyze the impact of host mobility on secure multicast and design protocols for key management in wireless environments for a variety of scenarios. Our solution relies on decoupling mobility management from group dynamic...

Establishing trust between a group of individuals remains a difficult problem. Prior works assume trusted infrastructure, require an individual to trust unknown entities, or provide relatively low probabilistic guarantees of authenticity (95% for realistic settings). This work presents SPATE, a primitive that allows users to establish trust via device mobility and physical interaction. Once the SPATE protocol runs to completion, its participants ’ mobile devices have authentic data that their applications can use to interact securely (i.e., the probability of a successful attack is 2 −24). For this work, we leverage SPATE as part of a larger system to facilitate efficient, secure, and user-friendly collaboration via email and file-sharing services. Our implementation of SPATE on Nokia N70 smartphones allows users to establish trust in small groups of up to eight users in less than one minute. The two example SPATE applications provide increased security with no overhead noticeable to users once keys are established.

We present a new secure authenticated group key exchange algorithm for large groups. The protocol

Establishing secure communication among a group of physically collocated people is a challenge. This problem can be reduced to establishing authentic public keys among all the participants – these public keys then serve to establish a shared secret symmetric key for encryption and authentication of messages. Unfortunately, in most real-world settings, public key infrastructures (PKI) are uncommon and distributing a secret in a public space is difficult. Thus, it is a challenge to exchange authentic public keys in a scalable, secure, and easy to use fashion. In this paper, we propose GAnGS, a protocol for the secure exchange of authenticated information among a group of people. In contrast to prior work, GAnGS resists Groupin-the-Middle and Sybil attacks by malicious insiders, as well as infiltration attacks by malicious bystanders. GAnGS is designed to be robust to user errors, such as miscounting the number of participants or incorrectly comparing checksums. We have implemented and evaluated GAnGS on Nokia N70 phones. The GAnGS system is viable and achieves a good balance between scalability, security, and ease of use. Categories and Subject Descriptors C.2.0 [Computer – Communication Networks]: General – security and protection;

Group communication is inherently a social activity. However, existing protocols for group key establishment often fail to consider important social dynamics. This paper examines the human requirements for wireless group key establishment. We identify seven social and situational factors which impact group formation. Using these factors, we examine the requirements of four common classes of group communications. Each scenario imposes a unique set of requirements on wireless group key establishment.

Establishing a secure communication channel among a group of people is highly desirable. Such a secure channel can be boostrapped by physically meeting and authentically exchanging public keys. Recently, a new class of group key exchange protocols [8,21] that leverage physical constraints on human mobility was proposed. In this paper, we present Ho-Po Key, a new protocol for the authentic exchange of information within a physically collocated group of people. Ho-Po Key introduces a novel technique for the verification of the security properties of the information collected by group members. Group members physically form a ring. The position in the ring of each member is randomly assigned based on the information collected from all members. While standing in the ring, members compare short word lists with their neighbors. The verification technique in Ho-Po Key detects attacks by both outsider and insider adversaries. Outsiders are detected by group members if they physically stand in the ring with other members. Similarly, attacks by insiders are detected since an insider is unable to stand simultaneously in two positions in the ring. We demonstrated that the verification within the ring is surprisingly easy and fast via user-studies. We implemented Ho-Po Key on Motorola A855 Droid and Apple iPhone 3GS smartphones. The iPhone application is submitted to the iPhone application store and is waiting for approval, whereas the Android application is freely available on the Android market store. 1.

A few group key protocols are analyzed, implemented and deployed, but the costs associated with them have been poorly understood. Their analysis of group key agreements performance is based on the cost of performing a single operation. In this paper we extend this analysis to examine the performance behavior of five group key protocols after execution of multiple operation. We report our experimental results for 100 operations consist of combinations of join, leave, mass join, mass leave, merge, and partition. In order to thoroughly compare the performance of five protocols, we simulate three group operations: join-leave-mass joinmass leave, merge-partition, and join-leave-mass join-mass leave-merge-partition to observe what is not apparent from the theoretical analysis. KEY WORDS group key management, group communications, cryptographic protocols 1

A large number of papers have proposed cryptographic protocols for establishing secure group communication. These protocols allow a set of group members to exchange or establish keys to encrypt and authenticate messages within the group. At the same time, individuals outside of the group cannot eavesdrop on group communication or inject messages. There have even been usability studies, demonstrating an average user can successfully complete some of these protocols. However, group protocols are rarely used in the real world. In this work, we conduct a survey to help uncover why the general population ignores such mechanisms for group communication. We also try to determine what protocols would best match respondents ’ current expectations for group protocols and methods for establishing trust. Survey results indicate that a group protocol that leverages location-limited channels, PKI, or Web-of-Trust authenticated public keys and allows addition and deletion of members fulfills the majority of users ’ expectations. 1

Abstract: Problem statement: As group key management extended into the area of large dynamic networks, complex issues emerged involving the many operations that run over several network topologies. The issues that occurred due to multiple topologies were also compounded by differing views of the network, taken at different time slices or positions within the network. This was especially complex when figuring in mobile, ad-hoc networks. View synchrony is the current operational technique, or assumption, applied to group key exchange protocols. However, before this analysis view synchrony was just that, an assumption and the literature for group key exchange lacked an inquiry into what could happen when view synchrony was removed. Current group key management protocols rely on view synchrony and yet all protocols vary in requisite operational descriptions and performance measures. In this study, a framework for group key management protocol operations and performance measures was defined and examined how that framework could be used to compare and contrast existing protocols with and, more importantly, without view synchrony. Approach: Current literature lacked categories by which to quantify the performance metric of the protocols. This study first defined the dynamic key operations that all protocols share. By these definitions, group key management protocols were directly compared. Once definitions existed, this study assembled a list