Secure group communication services promote the deployment of traditional and new multi-party applications in networks such as video conferencing or large scale distance education. Confidentiality and authenticity combined in an intelligent group communication service with good scalability properties and efficient employment of the network infrastructure meet the needs of users and providers. Future generation networks such as mobile ad hoc networks
challenge the research community even more for a commitment both to preserve the privacy of the users and to secure the network infrastructure of the provider. While other approaches focus either on the establishment of traditional security services - i.e. confidentiality, integrity and availability - in groups or on the anonymisation of point-to-point communication, this thesis introduces a self-contained approach to guarantee privacy preservation in closed groups, an infrastructure for secure and anonymous group communication.
The work first introduces an application independent framework for secure group communication. This framework fills the gap between different single, isolated proposals and the complete multicast application. The devised engineering approach is demonstrated in two ways: (1)Three kind of applications, i.e. a single sender, multiple receiver broadcast scenario, a highly dynamic, decentralised game, and a small scale, many-to-many workflow application, rely on the
framework to provide a secure multicast service managing the access, the technical aspects of the group membership, and the network service. (2) The newly proposed secure group management scheme called Semsomm can be compared in a fair and efficient way to other approaches in the literature by simply plugging the respective implementations into the framework.
In the second part, the design of Semsomm is detailed. The main strategy of Semsomm is twofolded. First,intermediate nodes of the multicast distribution tree are used as untrusted relaying nodes in order to overcome the need to re-key the entire group upon each membership change. Second, the traffic encryption key is periodically renewed and redistributed to legitimate group members, thus inhibiting any collusion attack. It is shown that Semsomm scales to very large groups while preserving perfect forward secrecy of the multicasted information, i.e. only actual members of the group can understand it, thanks to its multiple encryption method.
The third contribution of this thesis consists in the design and implementation of a secure and anonymous group infrastructure, in other words, only users who fulfil certain conditions are allowed to join the secure anonymous group, non-members of the group cannot understand the data, and the identity of a member cannot be disclosed to outsiders of the group. Additionally, the member may hide its identity to other group members. The designed infrastructure, the Secure ANonymous GRoup InfrAstructure (SANGRIA), builds on top ofunicast anonymity and is extended with the needed secure multicast functionality. It is shown in the context of multimedia applications how this infrastructure can be used.
Finally, the implementations are evaluated and discussed. Semsomm proves to achieve the scalability and security goals claimed, esp. the swift execution of the join and leave operations are confirmed. On the other hand, the evaluation of the infrastructural costs for group anonymity shows promising results. The impact of anonymisation depends on the configuration of the anonymising network that must be traded for the desired resistance against attacks on anonymity.
Available at Shaker.
A limited version is in preparation.
Top of page
Secure and Anonymous Multicast Framework
Nathalie Weiler, Bernhard Plattner
In Proceedings of IFIP Conference on Communications and Multimedia Security 2001 (CMS'2001).Not available online due to copyright protection. Sorry!
The rapid increase in Internet users triggered a number of new Internet services and applications such as online shopping, video
conferencing, Internet games or distance education. A larger part of those ones requires multicast support for efficient data distribution. A number of secure group communication protocols have been published recently, but the preservation of privacy of the single group member is still an unsolved problem. This paper presents a novel approach to secure and anonymous group communication. First, we propose a solution for anonymity in a local environment based on state-of-the art
approaches such as pseudonym servers and anonymizers combined with encryption techniques on different protocol levels in order to
guarantee an anonymous way of communication between end-users. Then, we introduce the secure and anonymous multicast (SAM) framework and we show how it can be used as a configurable, scalable architecture in combination with local anonymity.
Scalable end-to-end anonymous communication, composable privacy, anonymous multicast.