Admission and Access Control in Secure Group Communication

1
Admission and Access Control in Secure
GroupCommunication

• Mini Project Presentation By
• Pratyush Chandra
• 03D05003
• Under Guidance of
• Prof. Bernard Menezes
• Nov. 20,2006

2
Overview of Talk

• Introduction to Secure Group Communication (SGC)
• Components of SGC
• Admission Control
• Group Key Management
• Authentication
• Access Control
• SGC based on hierarchical access control scheme
• Thought Scenario
• Framework
• Implementation
• Conclusion

3
Introduction

• Group applications and services are very common
  in today's computing.
• Examples of group application are multi-chat,
  video conferencing, multiplayer gaming,
  cooperative mirroring of information etc.
• Lot of popular Peer-to-Peer (P2P) networks such
  as Napster, Gnutella, KaZaA, Chord, Pastry,
  Tapestry, CAN, Tulip etc. have emerged.
• The popularity of the P2P group application
  prompts the need for specialized security
  services which makes P2P group security an
  important topic.

4
Components of SGC

• Admission Control
• How a new peer becomes a member of a secure
  group.
• Key Management
• Protocol used by group members to generate and
  distribute group keys.
• Authentication
• The authentication module verifies that a peer
  group member is who it claims to be.
• Access Control
• Only peers with appropriate attributes must be
  able to access different group services.

5
Group Key Management Protocols

• Protocols used for maintaining and distributing
  group keys are termed as Group Key Management
  Protocols (GKMP).
• Group keys can be used for making the
  communication secure among group members.
• The main concern is distribution of these
  cryptographic keys.

6
Categories of GKMP

• Centralized group key management protocols
• A single entity is employed for controlling the
  whole group.
• Decentralized group key management protocols
• The management of a large group is divided among
  subgroup managers, trying to minimize the problem
  of concentrating the work in a single place.
• Distributed group key management protocols
• There is no explicit Key Distribution Center
  (KDC), and the members themselves do the key
  generation. It is done by partial contribution of
  each members.

7
Requirements of GKMP

• Forward Secrecy
• Leaving member should not be able to access any
  future key and hence unable to decrypt any
  communication.
• Backward Secrecy
• Any new joining member should not have access to
  any previous keys.
• Collusion Freedom
• Current session key should not be deducible by
  any outsider.
• Key Independence
• Disclosure of a key should not compromise other
  keys.
• Minimal Delay
• Group key should be computed in minimal amount of
  time.

8
STR Protocol (Distributed GKMP)

• Why we have chosen ?
• It totally decentralized and based on equal
  contributions from all the members.
• It provides basic requirements like forward
  secrecy, backward secrecy and key independence.
• It also requires smaller number of unicasts and
  multicasts to compute a new group key after a
  member leave or join. Hence it is quite efficient
  for our thought scenario.

9
STR Protocol

• Unbalanced tree of height n-1 where n is current
  group size.
• Final group key
• Important Recurrence
• All bris and bkis are known to
• all members.

10
STR Protocol (Cont.)

• Initialization
• M1 computes
• M1 broadcasts all bkis to members
• Each member then computes the
• group key from bkis.
• For ex
• M3 computes

11
STR Protocol (Cont.)

• Join
• M5 broadcasts br5 to all members.
• Each member then computes
• new key.
• M4 sends all previous bris and bkis
• to M5 who then computes
• new key k5.

12
STR Protocol (Cont.)

• Leave
• If Mn leaves then Mn-1 takes
• responsibility to create new key.
• Everybody renumbers the node.
• Mn-1 selects new random key
• rn-1. Computes all bkis and
• broadcasts it to all members.

13
Thought Scenario

• Consider a scenario of multi chat application
  used in a university.
• A secure group is formed for this application.
• User may join this group based on their identity
  say Student, Professor and Director.
• Admission control requirements are as follows
• Identity of joining member should be verified.
• Majority of the current group members should
  agree on new members join request.
• A high hierarchy member may wish to join group at
  low hierarchical level. This should be
  acceptable.
• Access control requirements are as follows
• If a high profile user wants to join the group
  then he should be directly allowed.
• Conversations between one hierarchy members
  should not be understandable by other hierarchy.

14
Identity Verification

• There is a central server which maintains a list
  of all the Students, Professors and Directors.
• This server also keeps the public key of all the
  university people.
• People inside university can contact this server
  and verify anybodies identity as well as get
  public keys.

15
Joining and Admission Control

• N wishes to join the group and communicates with
  an existing member M.
• M firstly verifies the identity of N.
• Next it checks if the N's hierarchy level is
  higher than any of the existing members.
• If it is true then voting is not considered.
• Otherwise M initiates polling and collects votes
  from all the current group members.
• N is allowed to join only if total positive votes
  received are greater than a specified threshold T
  (say 50)
• Next a certificate credential is sent to the
  requester by group administrator G.

16
Access Control

• Achieved by maintaining different keys (Kl) for
  different hierarchical level.
• All the members from level Hl communicate among
  themselves by encrypting messages with Kl.
• When N joins group rekeying is done for N's
  hierarchical level (Hl).
• Used STR distributed key management protocol.
• When N joins/leaves the group, controller
  corresponding to level Hl manages the rekeying
  operation.

17
Implementation

• We implemented these admission and access control
  policies using Java programming language.
• Our application is developed on top of JXTA
  technology.
• JXTA provides base level framework for forming
  virtual P2P groups, advertising and receiving
  events.

18
Implementation

• Group Initialization
• Group administrator G initializes a new secure
  group and regularly publishes the group
  advertisement into the network. The group
  advertisement contains description and membership
  policy of that group.
• We defined a new membership policy based on X509
  certificate verification.
• Since an X509 certificate is issued as credential
  by group administrator G, the admission control
  is controlled by this new membership policy.
• Also the X509 certificate is sent in a secure
  manner by encrypting it with RSA public key of
  requester N. This RSA public key is retrieved
  from the central server.

19
Implementation

• Searching Group Advertisements
• Each member in the secure group broadcasts the
  group advertisement as well as personal
  advertisements.
• Personal advertisement contains the contact
  information of that peer.
• So if a new member N finds a personal
  advertisement from a existing member M of group
  then N can directly send a join request to M.

20
Implementation

• Processing Join Request (Phase I)
• On receiving join request, M communicates with
  central server for identity verification. Based
  on static admission policy either N is directly
  allowed or voting is carried out.
• Both the processes, contacting central server and
  voting is carried out in a secure manner by
  encrypting communication with receivers RSA
  public key. If N is allowed then G issues a X509
  certificate to N.
• N plugs this X509 certificate into the membership
  service of group. The membership service verifies
  whether this certificate is issued by G only. On
  successful verification N can listen and send
  messages within the new group joined.

21
Implementation

• Processing Join Request (Phase II)
• Issuing X509 certificate is only one half the
  portion of member join.
• On a successful member join using X509
  credential, group rekey at level Hl is performed
  by a series of unicasts and multicasts.
• Finally member communicate using DES encryption
  with key Kl corresponding to their level. This
  completes the join process.

22
Implementation Results
23
Conclusion from Implementation

• Unicasting is made very efficient in JXTA.
• Multicasting is not very reliable.
• Many a time multicasts is not received by group
  members. This makes the rekeying algorithm as
  well as communication messages slow and error
  prone.
• Refresh rate also effects the rekey protocol.

24
Conclusion

• We have attempted to make the framework as
  decentralized as possible, which avoids single
  point of failure and enforce equal trust among
  group members.
• Notion of subgroups for different hierarchies is
  achieved by maintaining separate keys at each
  level.
• This saves the time against forming a new group
  altogether for accessing new restricted group
  services.

25
Future Work

• We would try to incorporate dynamic admission and
  access control policies into our existing
  framework.
• Currently rekeying is done at particular
  hierarchy level Hl of joining/leaving level. This
  can be modified to series of rekeying for all the
  levels Hi lt Hl. This will enable all the low
  hierarchy level group services accessible by
  group members.
• We also intend to minimize the number of rekeying
  operations in a join process. Instead of rekeying
  on each join, a batch rekeying concept can be
  introduced.

26
Bibliography

• 1 Y.Kim,A. Perrig, and G. Tsudik,Communication
  -Efficient group Key Agreement," IFIP SEC, June
  2001.
• 2 Yu Zhang, Xianxian Li, Jinpeng Huai and
  Yunhao Liu, Access Control in Peer-to-Peer
  Collaborative Systems," 25th IEEE International
  Conference on Distributed Computing Systems
  Workshops, 2005.
• 3 Michael Steiner, Gene Tsudik and Michael
  Waidner,Die-Hellman Key Distribution Extended to
  Group Communication," ACM Conference on Computer
  and Communications Security, 1996.
• 4 Yacine Challal and Hamida Seba, Group Key
  Management Protocols A Novel Taxonomy".
• 5 Nitesh Saxena, Gene Tsudik and Jeong Hyun
  Yi, Admission Control in Peer-to-Peer Design
  and Performance Evaluation," Proceedings of the
  1st ACM workshop on Security of ad hoc and sensor
  networks,2003
• 6 Li Gong, Project JXTA A Technology
  Overview, http//www.jxta.org/project/www/docs/Te
  chOverview.pdf, 2002.
• 7 Sun Microsystems Project JXTA v2.3.xJava
  Programmer's Guide," http//www.jxta.org/, 2005

27
Screen Shots
28
Screen Shots
29
Screen Shots
30
Screen Shots
31
Screen Shots
32
Screen Shots
33
Screen Shots