140 likes | 224 Vues
Dynamic Conferences - Extension to Broadcasting Encryption -. 2005 . 11 . 18 By Abedelaziz Mohaisen. Reference. Perfectly-Secure Key Distribution for Dynamic Conferences, C. Blundo, A. De Santis, A. Herzberg, Sh. Kutten, U. Vaccaro, M Yung. Crypto’92, LNCS 740, PP. 471-486 -1993.
E N D
Dynamic Conferences - Extension to Broadcasting Encryption - 2005 . 11 . 18 By Abedelaziz Mohaisen
Reference Perfectly-Secure Key Distribution for Dynamic Conferences, C. Blundo, A. De Santis, A. Herzberg, Sh. Kutten, U. Vaccaro, M Yung. Crypto’92, LNCS 740, PP. 471-486 -1993 Good News ! Our Paper for EWSN’2006 was accepted by 3/3 reviewers voices (10/12), Conference Chances: 21/133 ->15% acceptance ratio. “Interesting use of hierarchical grid and detailed mathematical reasoning “
Contents Part I - Background • Interactive Vs Non-Interactive Key Distribution • Conference Key Distribution • Protocols for Key Distribution • P1: non-interactive k-secure t-conferences KDS • P2: onetime interactive k-secure t-conferences KDS • P3: non-interactive k-secure KDS for a communication structure C • Applications Part II – Slight modification • Motivation • Requirements • Comparable features. • Communication • Memory • Security
Types of KDS • Interactive KDS • Definition • Prosperities • Cost (C-S-C-M Cost) • Non-Interactive KDS • Definition • Prosperities • Cost (C-S-C-M Cost)
Applications • Client/Server applications • Multi-level Hierarchical Polynomial • Uses for Internetworking • Additional Control Variables • Time Stamps • Group Membership • Access Control Permissions
Part 2 • Motivation • Requirements • Comparable features. • Communication • Memory • Security
Motivation • Conceptually, the applied protocols for the KDS can be used for the BE. • Recall Protocol 1 of the non-interactive KDS, what is its problem ? • Don’t propose a solution for new parties joining the session greater than n.. • Uses an ID without pointing the cost of the ID storage for the huge network • However, Perfectly secure and efficient till some secure threshold value. Which value ? • modifications: • Consider: • For a system of n parties, that is dynamically change and has limited leaving parties. (what limit ?) • Cheap Memory Chips are available. (we don’t need to worry about the extra storage) • Communication reduction is much important than anything else. Why ?
We shall provide .. • For a comm. system of size n, each party in the system is provided by: • 2n-multivariable polynomial. (Symmetric) • Structural ID that can be used to generate other’s IDs • IDs of the Parties that are already out of the communication session. • The current size of the communication set. …..
Where is BE ? • The Central Server has monitoring information about the system. Possible? • Central Server Encrypt a message of size M by some key K. Which Key? • Broadcast the Encrypted Message (only the message) to all of the system parties. • Each party use its own key to encrypt the message, Which key? • Key Generation: • By the ID structure information, the size of the communication set, and the parties who’re not online now, each party constructs the different IDs, • Each party evaluate the different IDs in the 2n-multivariable polynomial, what about other available variables ? • Substitute the not-used variables using considerable constant, say 1. • This job is to performed on the parties and the server sides.
Comparable features • It will well-explain dynamic mechanisms for: • Joining. • Leaving. • Free Variables Evaluation. • What about the ID? • Cost of : • Communication • Memory • IDs + Polynomial + Leaving Parties … • Can’t be reduced ? • Security. • K+t+1 for the original one, what about our modification ?
Conclusion • Introduced KDS and Protocols Types • Introduced the KDS Protocols • Introduced a possibility to modify the KDS protocol and to use in BE. • Roughly we described the main points of our scheme. • Next Job Is… • Any Question …? • Comments ? • Thanks for listening.