Group-Oriented Key Management In Distributed Networks

Posted on: 2004-01-26
Degree: Doctor
Type: Dissertation
Country: China
Candidate: M X He
GTID: 1118360122460162
Subject: Traffic Information Engineering & Control
Abstract/Summary:
Security is an important issue in distributed networks that are open to the public. One of the most popular and practical methods of securing an open network is to encrypt and authenticate the messages that are transmitted or processed. According to Kerckhoffs' assumption, a cryptosystem should be designed to withstand cryptanalysis even if an attacker knows all of its details except the keys used. Thus, exposure of secret keys is theoretically the most devastating attack on a cryptosystem, since it typically means that security is entirely lost. In fact, according to statistical data, this problem is the greatest threat to cryptography in the real world. In practice, it is relatively easier for an adversary to obtain a secret key from a user than to break the computational assumption on which the system is based. More seriously, the threat in distributed open networks is increasing as users carry mobile or wireless devices that allow remote access from public or foreign domains, making secret key exposure easier and more practical. Therefore, secure key management plays a crucial role in securing distributed open networks.

In traditional cryptography, there is one sender, one receiver, and an opponent who is an active or passive eavesdropper. Depending on the application, the sender or the receiver (or both) needs to use a secret key. Often, however, the sender or receiver is not an individual but an organization such as a company, a government agency, or a non-profit organization, which we call a group. From the communication device's point of view, the members of the group are often organized as a static or dynamic group in a distributed open network, distributed anywhere around the globe or located in a small wireless network such as a campus wireless LAN. Organizations also need to communicate with each other.
Moreover, many actions, and certainly security-related ones, are taken by a group of people or a group of devices rather than by an individual or a single device. So there is a need to guarantee the security of the secret key within the communication group. For example, sometimes a ciphertext encrypted by an original commercial secret needs to be decrypted jointly by a group of users; an important document needs to be signed using a distributed signature scheme, to allow distribution of power or to avoid abuse of power, and to guarantee reliability. Therefore, the focus of this thesis is on group-oriented key management in open distributed environments.

Generally speaking, key management is a matter of managing keys through their life cycle, which mainly includes the following parts: 1) secure generation of keys; 2) secure distribution of keys; 3) secure storage of keys; 4) secure revocation of keys; 5) secure access to keys. This thesis, motivated by practical requirements and based on extensive exploration and in-depth analysis of the literature, focuses on research into group-oriented key management techniques in distributed open networks. Nowadays, group-oriented communications are being rapidly promoted by the growth of Internet applications and self-organized networks such as ad hoc networks for emergencies, e-education cooperation systems, etc. The concept of group-oriented communications is used to distinguish them from traditional simple two-party communications. Group-oriented key management must face and deal with many new problems: How to cooperatively generate the group key in a public cryptosystem? How to distribute the key to the group members? How to share a key among different authorized groups without cheating by members or by the dealer? How to establish the group key in a secret cryptosystem through the group members' contribution and agreement?
How to distribute the members' keys in a group with a security hierarchy such that each member can derive the secret key for members at a lower security level, while the reverse is not allowed?

It is the purpose of this thesis to solve or p...
Keywords/Search Tags:Key Generation, Key Sharing Scheme, Key Distribution, Group Key Agreement, Distributed Networks, Group-Oriented Key Management