| Preface | p. vii |
| Introduction | p. 1 |
| Book Overview | p. 3 |
| Centralized Multi-user Key Management | p. 7 |
| Basic Multicast Information Theory | p. 7 |
| Overview of Multicast Key Management | p. 11 |
| Requirements for Centralized Group Key Management | p. 13 |
| Basic Polynomial Interpolation Scheme | p. 15 |
| Resistance to Attack | p. 17 |
| Anonymity Reduces Communication Overhead | p. 18 |
| Extending to a Scalable Protocol | p. 19 |
| Basic Protocol Primitives | p. 21 |
| Advanced Protocol Operations | p. 23 |
| Architectural Considerations | p. 26 |
| Optimization of Tree Degree for Communication | p. 26 |
| Binomial Occupancy Model | p. 30 |
| Communication Overhead | p. 32 |
| Computational Complexity | p. 35 |
| Chapter Summary | p. 36 |
| Group Key Agreement Techniques in Heterogeneous Networks | p. 39 |
| Introduction | p. 39 |
| Group DH Overview | p. 41 |
| Conference Trees and the Butterfly Scheme | p. 43 |
| Computational Considerations | p. 49 |
| Minimizing Total Cost | p. 49 |
| Budget Constraints | p. 51 |
| Combined Budget and Cost Optimization | p. 54 |
| Efficiency and Feasibility Evaluation | p. 56 |
| Comparison of Total Cost | p. 56 |
| Feasibility Comparison | p. 58 |
| System Sensitivity to False Costs | p. 62 |
| Sensitivity to Approximate Costs | p. 62 |
| Sensitivity to Costs from Untrusty Users | p. 64 |
| Chapter Summary | p. 68 |
| Optimizing Rekeying Costs in Group Key Agreement | p. 71 |
| Join-Exit Tree for Reducing Latency in Key Agreement Protocols | p. 72 |
| Time-efficiency Measurement | p. 72 |
| Join-Exit Tree (JET) Topology | p. 73 |
| The Join Tree Algorithm | p. 74 |
| The Exit Tree Algorithm | p. 80 |
| Performance Analysis | p. 83 |
| Optimizing Rekeying Cost | p. 85 |
| Performance Metric Review | p. 85 |
| PFMH Key Tree Structure and Basic Procedures | p. 87 |
| PACK: an PFMH tree-based contributory group key agreement | p. 97 |
| Performance Evaluation and Comparison | p. 107 |
| Contributory Group Key Agreement with Key Validation | p. 109 |
| Chapter Summary | p. 110 |
| Optimizing Multicast Key Management for Cellular Multicasting | p. 113 |
| Targeting Property of Rekeying Messages | p. 114 |
| Topology-aware Key Management | p. 115 |
| Topology-aware Key Management in Cellular Wireless Network | p. 115 |
| Key Tree Design | p. 116 |
| Performance Metrics | p. 117 |
| Handoff Schemes for TMKM Tree | p. 118 |
| Performance Analysis | p. 122 |
| Separability of the Optimization Problem | p. 126 |
| Optimizing TMKM Tree Design | p. 127 |
| Dynamic membership model | p. 128 |
| ALX tree structure | p. 129 |
| User subtree design | p. 132 |
| BS subtree design | p. 133 |
| SH subtree design | p. 134 |
| Performance Evaluation | p. 136 |
| One-SH systems | p. 136 |
| SH subtree design methods | p. 139 |
| Multiple-SH systems | p. 140 |
| Chapter Summary | p. 142 |
| Key Management and Distribution for Securing Multimedia Multicasts | p. 143 |
| A Basic Key Management Scheme | p. 145 |
| Key Refreshing | p. 146 |
| Member Join | p. 147 |
| Member Departure | p. 147 |
| Distribution of Rekeying Messages for Multimedia | p. 148 |
| Media-Independent Channel | p. 150 |
| Media-Dependent Channel | p. 152 |
| An Improved Rekeying Message Format | p. 155 |
| Basic Message Form | p. 156 |
| Security Analysis of Residue-based Method | p. 157 |
| Achieving Scalability | p. 163 |
| System Feasibility Study | p. 166 |
| Extensions to Multilayered Services | p. 169 |
| Chapter Summary | p. 170 |
| Hierarchical Access Control for Multi-Group Scenarios | p. 175 |
| Hierarchical Access Control: Problem Formulation | p. 176 |
| System description | p. 176 |
| Security requirements | p. 177 |
| Data encryption and hierarchical key management | p. 178 |
| Centralized Multi-group Key Management Scheme | p. 179 |
| Independent key trees for hierarchical access control | p. 179 |
| Multi-group key management scheme | p. 179 |
| Performance Measures and Analysis | p. 184 |
| Storage overhead | p. 185 |
| Rekey overhead | p. 188 |
| Simulations and Performance Comparison | p. 189 |
| Statistical dynamic membership model | p. 189 |
| Performance with different group size | p. 191 |
| Scalability | p. 192 |
| Performance with different transition probability | p. 192 |
| Simulation of multi-service applications | p. 196 |
| Contributory Multi-group Key Management | p. 196 |
| Related Work | p. 199 |
| Chapter Summary | p. 200 |
| Protecting Membership Information in Secure Multicasting | p. 203 |
| GDI Disclosure in Centralized Key Management Schemes | p. 204 |
| Attack 1: Estimation of $J(t_0, t_1)$ and $L(t_0, t_1)$ from rekeying-message format | p. 205 |
| Attack 2: Estimation of the group size from the rekeying-message-size | p. 206 |
| Attack 3: Estimation of group size based on key IDs | p. 208 |
| Discussion on three attacks | p. 211 |
| GDI vulnerability in prevalent key management schemes | p. 212 |
| Defense Techniques | p. 213 |
| Optimization | p. 218 |
| The leakage of GDI | p. 218 |
| Communication Overhead | p. 220 |
| System Optimization | p. 221 |
| Simulations | p. 221 |
| GDI Disclosure and Protection in Contributory Key Management Schemes | p. 223 |
| Fully and Partially Contributory Key Management Schemes | p. 226 |
| GDI Disclosure in Contributory Key Management Schemes | p. 227 |
| The Cost of Preventing GDI leakage | p. 227 |
| More on GDI Leakage Problem | p. 228 |
| Chapter Summary | p. 228 |
| Reducing Delay and Enhancing DoS Resistance in Multicast Authentication | p. 231 |
| Background Literature and TESLA | p. 232 |
| Related Work | p. 232 |
| TESLA Overview | p. 234 |
| Examination of Trust in TESLA | p. 235 |
| Staggered TESLA: Multi-Grade Multicast Authentication | p. 236 |
| Format of the Packet | p. 237 |
| Multi-Grade Source Authentication | p. 238 |
| Reduced-Delay Multicast Authentication Schemes | p. 243 |
| Staggered TESLA with Proximity Protection | p. 243 |
| Distributed Key Distributors | p. 245 |
| Buffer Requirements and Tradeoffs | p. 246 |
| Simulations and Performance Analysis | p. 251 |
| Simulations on Multi-Grade Authentication | p. 251 |
| Performance Analysis of Staggered TESLA | p. 252 |
| Impact of the Locations of Adversaries | p. 255 |
| Simulation on Reducing Authentication Delay | p. 260 |
| Conclusion | p. 262 |
| An Authentication Service for Sensor and Ad Hoc Networks | p. 265 |
| Introduction | p. 265 |
| Hierarchical Sensor Network | p. 266 |
| TESLA and TESLA Certificates | p. 268 |
| TESLA Certs | p. 269 |
| Overview of the Authentication Framework | p. 270 |
| Certificates | p. 272 |
| Initial Certs | p. 272 |
| Runtime Certs | p. 273 |
| Certificate Renewal | p. 274 |
| Access Point | p. 274 |
| Sensor Node | p. 274 |
| Entity Authentication | p. 275 |
| Access Point | p. 275 |
| Forwarding Nodes | p. 275 |
| Sensor Nodes | p. 276 |
| Roaming and Handoff | p. 277 |
| Forwarding Nodes | p. 277 |
| Sensor Nodes | p. 277 |
| Data Origin Authentication | p. 278 |
| Sending Sensor Data in Weak Mode | p. 278 |
| Sending Sensor Data in Assured Mode | p. 279 |
| Evaluation | p. 280 |
| Security Analysis | p. 280 |
| Performance Analysis | p. 281 |
| Conclusion | p. 282 |
| References | p. 287 |
| Index | p. 301 |