http://www.iaeme.com/IJCIET/index.asp 911 [email protected]
International Journal of Civil Engineering and Technology (IJCIET)
Volume 8, Issue 11, November 2017, pp. 911–918, Article ID: IJCIET_08_11_091
Available online at http://www.iaeme.com/ijciet/issues.asp?JType=IJCIET&VType=8&IType=11
ISSN Print: 0976-6308 and ISSN Online: 0976-6316
© IAEME Publication Scopus Indexed
ENHANCED SECURITY IN INTRA-GROUP
COMMUNICATIONS
S. Sivasankari
Assistant Professor, Department of Information Technology,
SRM University, Kattankulathur, Tamil Nadu, India
G. Parimala
Assistant Professor, Department of Information Technology,
SRM University, Kattankulathur, Tamil Nadu, India
R. Sriram
M.Tech Graduate, SRM University, Kattankulathur, Tamil Nadu, India
ABSTRACT
Most communications in today's world are carried out over open networks. Given this openness, communication among group members must be protected and efficient, and any technique applied should support dynamism. Group key agreement (GKA) is widely employed for secure group communications in modern collaborative and group-oriented applications. This work studies the problems of GKA in identity-based cryptosystems in order to address round-efficiency, member-dynamism and, probably, key escrow freeness. The problem is resolved by proposing a one-round dynamic asymmetric GKA [1] protocol in which a set of participators build a common encryption key for the group at run-time, that is, dynamically, while each participator holds a different decryption key known only to that participator, in an identity-based cryptosystem. Knowing the group encryption key, any participator can encrypt to the group so that only the members can decrypt. The protocol is built on a strongly non-forgeable, non-stateless, identity-based batch multi-signature scheme that supports communication between the protocol participants [2].
Key words: Batch signature, bilinear maps, hashing, k-bilinear Diffie-Hellman exponent, multi-party RSA.
Cite this Article: S. Sivasankari, G. Parimala and R. Sriram, Enhanced Security in
Intra-Group Communications. International Journal of Civil Engineering and
Technology, 8(11), 2017, pp. 911–918.
http://www.iaeme.com/IJCIET/issues.asp?JType=IJCIET&VType=8&IType=11
1. INTRODUCTION
The information exchanged between end parties is highly dependent on the nature and sensitivity of the data transferred. It becomes vital to secure this information and escort it through an untrustworthy channel or communication medium. The medium is highly susceptible to distortion and disturbances such as interference, and certain protocols in use are plagued with shortfalls and inadequacies. The ultimate aim of securing information is to make the data unintelligible and/or uninterpretable to an attacker (passive or active), while only the intended participant(s) or recipient(s) can decipher it. Further, users may join and leave the group at any time. There is an increasing need to address this requirement, and it naturally follows that a trusted and constant/static user will not be available at all points of time. The proposed system tries to achieve the following primary goals: user dynamicity, key escrow freeness, round-efficiency and sender-unrestrictedness, using a multi-party RSA algorithm.
2. PROBLEM STATEMENT
Security in peer-to-peer systems [3] is a well-developed and well-received area, but ensuring the safety of communications within a group still needs to be explored. Ensuring secure communication within a group is not a simple extension of secure two-party communication. The most important distinctions are:
o Due to a larger number of participants and distances among them, protocol efficiency
is of greater concern here. [4]
o A two-party communication begins, lasts for a while, and ends, so it can be viewed as
a discrete phenomenon but communication in a group is more complicated: it begins,
changes happen (members leave and join) and the end might not be a well-defined
one. This is sometimes called group dynamics. [5]
A sender wishes to safely transmit a textual communication to many other recipients in the same group. The fundamental problem lies in how the sender accomplishes this in a system setting with the following issues [6]:
o No fully trusted dealer is available to generate keys for the group of participators;
o The generated key must be agreed in one round, without extra rounds for key generation, distribution and agreement;
o Identifying the sender of encrypted messages to the group members is hard;
o The system needs to be free from key escrow;
o Actor dynamism must be supported, that is, users may join/leave the group at any time.
In a system performing broadcast encryption, maintenance of the group is the duty of a trustworthy dealer. Some broadcast encryption systems that are free from trusted dealers cannot offer forward secrecy and/or key escrow freeness.
3. MATHEMATICAL BACKGROUND
This section briefly introduces the underlying mathematical concepts that are involved in, and thus help to explain, the key features of the work proposed herein.
3.1. Principal strength of the RSA algorithm
A well-known fact and the most important strength of the RSA algorithm is the difficulty of factoring a very large composite number into its constituent prime factors. So, in line with the fundamental requirement of the AGKA protocol, a set of keys (prime numbers, basically) are chosen/derived as the individuals' private keys, and the common public key is formed from these private keys according to the fundamental principles of public-key cryptography and the RSA algorithm. It is worth noting that the common public key is the group encryption key and the set of keys derived above are the respective decryption keys of each user/group member; these are obtained in one round, which makes the scheme round-efficient. An extension to the RSA algorithm is also proposed in this work.
3.2. Concept of bilinear maps [7]
Abstract algebra deals with three kinds of object: groups, rings, and fields.
A group is defined as a set of elements, together with an operation performed on pairs of these elements, such that [8]:
o The result of the operation, when given two elements of the set as arguments, always lies in the same set. This is called the closure property.
o The set has an identity element e such that for any element x of the set, e op x = x op e = x, where op is the group operation.
o Every element of the set has an inverse element: for any element p of the set there is another element q such that p op q = q op p = e.
o The operation is associative: for any three elements of the set, (a op b) op c always equals a op (b op c).
o There is an element called the generator, which generates all the other elements of the group on repeated application of the group operation op.
Let G1 and G2 be two multiplicative groups of order q, and let g be a generator of G1.
As an example, under multiplication mod 9 the group of units U(Z9) is the group of all integers relatively prime to 9, that is, U9 = {1, 2, 4, 5, 7, 8}; all arithmetic here is modulo 9. 7 cannot be a generator of U(Z9), since {7^i mod 9 | i ∈ N} = {7, 4, 1} does not contain all the numbers relatively prime to 9; but 2 can be, because {2^i mod 9 | i ∈ N} = {2, 4, 8, 7, 5, 1}.
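The following is an added example, not code from the paper: it checks the group axioms listed above for U(Z_n) under multiplication mod n and lists which elements generate the whole group, reproducing the U(Z_9) case (7 generates only {7, 4, 1}; 2 generates everything). It also shows, with n = 8, that a generator need not exist, so the last bullet describes cyclic groups rather than groups in general.

```python
# Added example (not from the paper): group axioms and generators of U(Z_n),
# the integers coprime to n under multiplication mod n.
from math import gcd


def units(n):
    """Elements of U(Z_n): integers in [1, n) that are coprime to n."""
    return [a for a in range(1, n) if gcd(a, n) == 1]


def is_group(elems, n):
    """Check closure, identity, inverses and associativity for (elems, * mod n)."""
    s = set(elems)
    closed = all((a * b) % n in s for a in elems for b in elems)
    identity = any(all((e * x) % n == x and (x * e) % n == x for x in elems)
                   for e in elems)
    inverses = all(any((p * q) % n == 1 for q in elems) for p in elems)
    assoc = all((((a * b) % n) * c) % n == (a * ((b * c) % n)) % n
                for a in elems for b in elems for c in elems)
    return closed and identity and inverses and assoc


def generated(a, n):
    """The cyclic subgroup <a> = {a^i mod n : i >= 1}, listed in the order produced."""
    seen, x = [], a % n
    while x not in seen:
        seen.append(x)
        x = (x * a) % n
    return seen


def is_generator(a, n):
    """a generates U(Z_n) iff its powers reach every unit."""
    return set(generated(a, n)) == set(units(n))


def generators(n):
    """All generators of U(Z_n); empty when the group is not cyclic (e.g. n = 8)."""
    return [a for a in units(n) if is_generator(a, n)]


if __name__ == "__main__":
    print(units(9))             # [1, 2, 4, 5, 7, 8]
    print(is_group(units(9), 9))
    print(generated(7, 9))      # [7, 4, 1] -> 7 is not a generator
    print(generated(2, 9))      # [2, 4, 8, 7, 5, 1] -> 2 is a generator
    print(generators(9))        # [2, 5]
    print(generators(8))        # [] : U(Z_8) = {1, 3, 5, 7} has no generator
```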
A bilinear map ê : G1 × G1 → G2 satisfies these properties [10][12]:
o Bilinearity: ê(g^α, g^β) = ê(g, g)^(αβ) for all α, β ∈ Zq*.
o Non-degeneracy: there exist u, v ∈ G1 such that ê(u, v) ≠ 1.
o Computability: ê(u, v) can be computed by an existing efficient algorithm for any u, v ∈ G1.
The constructions' security is based on the hardness assumptions of the computational Diffie-Hellman (CDH) and k-bilinear Diffie-Hellman exponent (k-BDHE) problems.
CDH Problem: Given g, g^α, g^β for unknown α, β ∈ Zq, computing g^(αβ) is hard.
k-BDHE Problem: Given g, h and g_i = g^(α^i) in G1 for i = 1, 2, ..., k, k+2, ..., 2k, computing ê(g, h)^(α^(k+1)) is hard.
4. PROPOSED SYSTEM
This project work proposes to develop a system that regulates group communication, with special attention paid to communication by a user who is not a protocol participant, while striving to achieve the aforementioned goals for the regular protocol participants: user dynamicity, key escrow freeness, round-efficiency and sender-unrestrictedness. Work on thwarting chosen-ciphertext attacks is also proposed to be taken into consideration, if time permits. The proposed system is designed to ensure certain essential features, such as information/key secrecy, and to implement known-key security through a time-based sessioning approach and a multi-party RSA algorithm. Figure 4.1 shows the basic structure of the system.
When a user wishes to join as a participator, a request is sent to the KGC/group manager, who holds the system parameters from the setup, extract and agreement phases. The new entrant sends the join request to each other participator in the group. Each of the other participators then computes the system parameters required to uniquely identify and communicate with the new participator for as long as that user remains in the group. Until a participant issues a leave request to all the participants, he/she continues to be in the group.
Figure 4.1
Encryption can now be done with the group encryption key, while decryption is done with the distinct private decryption key that each participator possesses; this is how intra-group communication takes place.
Once a participator decides to leave the group, the group manager/KGC sends that participator's leaving request to all other existing participators in the group so that they can update their respective tables.
4.1. Implementation methodology
The communications consist of one-to-many communication(s).
The inbuilt random number generation function is used to generate keys.
A new participant sends a join request to the group manager.
Participants stay in the group, receiving and sending messages.
The group manager broadcasts the leaving request of a participant.
4.2. Phases of development [9]
1. Setup: The list of system parameters is deduced as per the formal definitions:
ϒ = (q, G1, G2, ê, g, g_pub, H1 ~ H5, l0).
H1 ~ H5 are the pairing-based hash functions [3,9,11].
2. Extract: The KGC/manager computes
id_{i,j,0} = H1(ID_i, j, 0), id_{i,j,1} = H1(ID_i, j, 1), for 1 ≤ j ≤ N.
-> The N private keys s_{i,j,0} = id_{i,j,0}^κ, s_{i,j,1} = id_{i,j,1}^κ, j ∈ {1, ..., N}, are the output of this phase.
3. Agreement: The group manager:
-> Computes and publishes σ_i = (ID_i, ι_i, r_i, u_i, {z_{i,j}}_{j ∈ {1,...,n}, j ≠ i}).
-> Derives the tables required by each participant and the manager for communication.
4. Leave: When the l-th participant leaves the group, the group manager broadcasts the participant's exit from the group/protocol run to the other participants.
-> Publish: (ID_l, ι_l, r_l, u_l, {z_{l,j}}_{j ∈ {1,...,n}, j ≠ l}).
-> Each participant updates the elements in the l-th row of the table it maintains with the computed agreement parameters/values.
5. Join: Joining the group as the l-th participant, a user issues a joining request to the other participants of the group. So:
-> The parameters (ID_l, ι_l, r_l, u_l, {z_{l,j}}_{j ∈ {1,...,n}, j ≠ l}) are computed and published.
-> The group manager updates the elements of the l-th row of its table.
6. Generate encryption key: A common group encryption key is generated by the group manager and made known to all. A multi-party RSA is implemented with the help of the generated keys.
-> An entity calculates:
id_{i,ι_i,0} = H1(ID_i, ι_i, 0),
id_{i,ι_i,1} = H1(ID_i, ι_i, 1),
v = H2(isid),
f_j = H3(isid, j),
ϖ_i = H4(isid, ID_i, ι_i, r_i, u_i); for j ∈ {1, 2}, i ∈ {1, ..., n}.
-> Compute δ (0 = abort; 1 = encryption key).
7. Generate decryption key:
-> Each participant U_i computes w.
-> Check whether ê(d_i, g) == Ω_i. Abort if the equation does not hold.
8. Encrypt and decrypt message(s): these have their usual meanings.
5. RESULTS AND ANALYSIS
First of all, the basic system parameters are derived for generating the keys from a set of pre-assumed entities and mathematical concepts.
Screen 1: Deriving the system parameters
[ϒ = (q, G1, G2, ê, g, g_pub, H1 ~ H5 [3], l0)].
Screen 2: The keys for each participant's communication are computed by the key generation centre.
Screen 3: The parameters for generating the signature under the identity-based batch multi-signature scheme are obtained and tabulated:
σ_i = (ID_i, ι_i, r_i, u_i, {z_{i,j}}_{j ∈ {1,...,n}, j ≠ i}).
Screen 4: A menu-driven screen obtains the user/participant's choice of operation. The menu choice decides the further course of action: according to the input given by the user/participant, the corresponding actions take place, and the flow of operations follows the user's choice.
Screen 5: The screen shows the result of the encryption and decryption phases.
6. CONCLUSIONS
The problems of round-efficiency, member-dynamism and, probably, key escrow freeness are addressed by putting in place a single-round, non-static protocol yielding a key for asymmetric communication within a group, which allows the set of participators to dynamically establish a common, non-secret encryption key for the group. Each member holds a unique, undisclosed decryption key in the identity-based cryptosystem. With knowledge of the group encryption key, every participator can send encrypted messages to the other members of the group, and decryption can be done only by these members. This protocol is built with a strongly non-forgeable, non-stateless and session-time-based structure in which the protocol participators communicate [10]. The proposed multi-party RSA algorithm aids in key management.
REFERENCES
[1] Lei Zhang, Qianhong Wu, Josep Domingo-Ferrer, Bo Qin, and Zheming Dong, “Round Efficient and Sender-Unrestricted Dynamic Group Key Agreement Protocol for Secure Group Communications”, IEEE Transactions on Information Forensics and Security, Vol. 10, No. 11, November 2015.
[2] Q. Wu, Y. Mu, W. Susilo, B. Qin, and J. Domingo-Ferrer, “Asymmetric group key agreement,” in Proc. 28th Annu. Int. Conf. Theory Appl. Cryptograph. Techn. (EUROCRYPT), 2009, pp. 153–170.
[3] Dan Boneh, Ben Lynn and Hovav Shacham (2004), “Short Signatures from the Weil Pairing”, Journal of Cryptology, 17: 297–319. doi:10.1007/s00145-004-0314-9.
[4] Text on basics of curves in cryptography: Noel Michael McCullagh's work on “Cryptographic Applications of Bilinear Maps”, Dublin City University, October 2005.
[5] Ben Lynn, “The Implementation of Pairing-Based Cryptosystems”, 2007, Committee on Graduate Studies of Stanford University.
[6] Jean-Claude Bajard and Nadia El Mrabet, “Pairing in Cryptography: an Arithmetic Point of View”, October 2007.
[7] Michael Steiner, Gene Tsudik and Michael Waidner, “Key Agreement in Dynamic Peer Groups”, IEEE Transactions on Parallel and Distributed Systems, Vol. 11, No. 8, August 2000.
[8] Group, Fields and Rings in mathematics and cryptography, from the Quadibloc website (www.quadibloc.com/math/abaint.htm).
[9] D. Boneh and A. Silverberg, “Applications of multilinear forms to cryptography,” Contemp. Math., vol. 324, no. 1, pp. 71–90, 2002.
[10] L. Chen and C. Kudla, “Identity based authenticated key agreement protocols from pairings,” in Proc. 16th IEEE Comput. Security Found. Workshop (CSFW), Jun./Jul. 2003, pp. 219–233.
[11] Deepa Lakshmi, P., Praveen, J. S., Venkatraman, V. and Manoharan, N., A Review on Data Security in Distributed System. International Journal of Computer Engineering and Technology, 6(10), 2015, pp. 13–16.
[12] Md. Tabrez Quasim and Mohammad Meraj, Big Data Security and Privacy: A Short Review. International Journal of Mechanical Engineering and Technology, 8(4), 2017, pp. 408–412.
[13] A. Viji Amutha Mary and T. Jebarajan, A Novel Data Perturbation Technique with Higher Security. International Journal of Computer Engineering and Technology, 3(2), 2012, pp. 126–132.
[14] Pragya Gajbhiye, Varsha Sharma and Vivek Sharma, A Context Based Application Deployment in Android for Data Security. International Journal of Advanced Research in Engineering and Technology, 8(4), 2017, pp. 83–94.