Research On The Provably Secure Group Key Agreement For Ad Hoc Networks

Ad hoc networks is self-organizing, highly dynamic networks which can autonomously establish and maintain the communication among a group of the nodes without the requirement of centralized administration or fixed infrastruc-ture such as base stations or access points. The study and applications for ad hoc networks firstly come from the requirements of military field, but with the development of wireless communication and terminal technology, ad hoc net-works has more and more applications in other sceneries which include:disaster rescuing with no wire communication infrastructure or its being destroyed; the condition monitoring of severe environment using Wireless Sensor Networks (WSN); distributive and cooperative communications such as conference meet-ing and distributive computing and so on; other environments which need to set up communication quickly, but have no wire communication infrastructure. In these applications, secure communication is a critical problem. An effective way to achieve secure communication is to encrypt all the messages exchanged among network users with a common key computed before any communication starts. But establishing a common key shared by the whole group nodes is a difficulty and sometimes impossible work because of the characteristics in ad hoc networks, such as dynamic topology and multi-hops distance. Many effi-cient group key agreement (GKA) protocols proposed for wired networks are however not adaptable directly for wireless ad hoc networks because all of them are based on broadcasting or one-hop distance assumption among all the nodes. Clustering, which partitions the whole network into subgroups, provides con-venience and high efficiency for routing and other network management work. Many clustering-based GKA protocols for ad hoc networks have been proposed which always consist of two phases:intra-cluster key agreement generating a cluster key among the nodes within each cluster and group key agreement gen-erating group key among the cluster-heads (representatives of the cluster) and then sharing the group key among entire group members by some broadcasting or distributing methods. Our work mainly focus on clustering-based group key agreement. The main contribution and innovations of our thesis are as follows. 1. We propose an authenticated group key agreement protocol which needs less communication rounds and also provides more computation efficien-cy than other ring-based protocols. Our scheme is suitable for resource-constraint environments such as Ad-hoc Network. We prove the semantic security of our scheme and make analysis in two aspects:communication and computation. At last, we make the proposed protocol to be adopted as sub protocol in the existing GKA protocols(HKAP and CGDH) for ad hoc networks and the comparison results show that our protocol promotes the efficiency apparently not only on communication for HKAP but also on computation for CGDH. Besides, Our protocol uses the compiler C-MACON to achieve mutual authentication and contributiveness which can resist the unknown-key share attack and the key control attack of malicious participants/insiders.2. We propose an authenticated group key agreement for large ad hoc net-works which solves the drawback, that is, the complexity of both commu-nication and computation increases sharply when the size of the network-s becomes large. Our scheme adopts BSL short signature algorithm to achieve message authentication and reduce the message overhead during the protocol execution. Using the2-hop clustering algorithm, our protocol is more suitable for large ad hoc networks, because it can generate less number of clusters and make the group more stable. We adopts AT-GDH to get the group key among the cluster-heads, uses IC-GKA to get cluster key among members in a cluster, and for the first time we make a secu-rity proof for the AT-GDH protocol by which we hence prove our whole protocol’s semantic security combining the IC-GKA’s security proof. Our protocol also handles the dynamic membership changes of the group nodes and makes complexity comparison with other protocols. The intra-cluster key agreement used in our protocol is not based on broadcasting, so need-s less exchange of message. Besides, the computation efficiency of our protocol is obviously improved which is reduced from O(n2) to O(n) compared with the referenced protocol. The analysis results of communi-cation complexity and computation complexity which also considers the delay of communication show that the proposed group key agreement pro-tocol has high efficiency both on communication and computation, and is suitable for large ad hoc networks.3. We propose an authenticated clique-based group key agreement for ad hoc networks which has high computational efficiency, partitions the whole group nodes into clusters and arranges the cluster heads in a spanning tree. Our protocol uses digital signature algorithm to authenticate all the mes-sages exchanged during the execution of the protocol. Our scheme com-putes the cluster key of each cluster using DB and finally gets the group key by executing moderate rounds of PCKA combining the symmetric en-cryption and decryption algorithms. The contributiveness and handling of membership changes such as member join and member leave are imple-mented in our algorithm. We prove the semantic security of our protocol and make complexity analysis consisting of communicational and compu-tational complexity. The energy analysis results based on the same hard-ware platform show that the proposed protocol has high efficiency on com-putation and has the least total energy consumption in any network scale compared with other referenced protocols.4. We propose a password-based encrypted group key agreement protocol which generates cluster key for each cluster of the whole group and can be used as a sub-protocol to finally generate the group session key combining with inter-cluster key agreement protocol. We prove the security in the ran-dom oracle and ideal cipher models under the Decisional Diffie-Hellman assumption. The security result shows that the adversary can get negligible advantage by eavesdropping the messages exchanged during the execution of protocol and that the only way for the adversary to attack the security of protocol is to impersonate a user by guessing the password shared by all the users. So the protocol can resist both offline and online dictionary attacks. Efficiency comparison results show that our protocol is efficient and suitable for ad hoc networks.The paper makes study on clustering-based group key agreement for Ad Hoc Networks, proposes more efficient intra-cluster key agreement protocols and group key agreement protocols for large and cliques-based Ad Hoc Net-works respectively. Comparisons show that our proposed protocols have high efficiency both on communication and computation and have less energy cost, so are suitable to be applied to the resource-limited Ad Hoc Networks and sup- ply indemnification for subsequently establishing secure channel.