Outline
Motivation
The security problem
The existing MBMS scheme
Our improved scheme
Experimental results
Motivation
The coming future: group-oriented applications on wireless networks
Network basis: multicast
3G: Multimedia Broadcast/Multicast Service (MBMS)
Security problem: control access to multicast data
[Figure labels: MB-SC; 3G Networks]
MB-SC: Broadcast Multicast - Service Center
Dilemmas in 3G Networks
Underlying Scenario:
Powerful
Not a secure device to store session key
An attacker who is a subscribed user can distribute the decryption keys to others.

Not powerful enough to decrypt bulk data
Secure device to store session key
Dilemmas in 3G Networks
Attacks:
An adversarial subscriber finds out the Session Key (SK) and sends it out to non-paying users.
In summary:
The need to store decryption keys in insecure memory makes it impossible to design a scheme where non-subscribed users CANNOT access the data.
Dissuade our potential market from using illegitimate methods to access the multicast content
What is the potential market?
Users that desire cheap access to multicast services while being mobile.
Attacks that are expensive to mount (per-user basis)
Attacks that assume the user is not mobile.
Assumption
It is not easy for an adversarial subscriber to send out the Session Key (SK). Thus, we assume there is an underlying cost associated with sharing the Session Key.
There is a Registration Key established once the user subscribes to the service.
Make the Session Key change so frequently that the cost of attacking is more expensive than the cost of subscribing to the service.
This strategy is used in Qualcomm's S3-030040 proposal to 3GPP.
Requirement
[Figure labels: MB-SC; Random number; f; BAK (Broadcast access key); SK (Session key); RK (Registration key)]
Qualcomm's SK Distribution Scheme
[Figure labels: 3G Core Network; Radio Access Network; MB-SC]
The BM-SC sends out the encrypted multicast data together with SK_RAND, BAK_ID, BAK_EXP
CipherText = E_SK(content)
SK Distribution (Cont.)
[Figure labels: 3G Core Network; Radio Access Network; MB-SC; Session Key]
Drawbacks
SK_RAND has to be appended to each packet. For a higher level of security, SK_RAND has to be large.
BAK update problem: at the moment that a new BAK is used, every USIM will send out a BAK request to the BM-SC.
At the moment that a new BAK is used, every USIM will request the BAK from the BAK distributor almost at the same time.
The BAK distributor pushes the new BAK to the USIM instead of the USIM pulling it.
Using an additional set of keys (Key Encryption Keys, KEK) to achieve a key hierarchy
Join: Use the old shared key (SEK) to encrypt and distribute the new session key
Leave: Use the lower-level old key (KEK) to encrypt the higher-level key, and only change the keys known by the leaving user
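The leave case of the key hierarchy above, as an added example (not code from the slides or from any MBMS specification). Assumptions: a complete binary tree in heap layout, random 32-byte keys, a hash-pad XOR standing in for a real key-wrap algorithm, and hypothetical class and function names.

```python
import hashlib
import os

def wrap(kek: bytes, key: bytes) -> bytes:
    # Stand-in for a real key-wrap algorithm (assumption): XOR with a hash-derived pad.
    pad = hashlib.sha256(b"wrap" + kek).digest()
    return bytes(a ^ b for a, b in zip(key, pad))

unwrap = wrap  # XOR is its own inverse

class KeyTree:
    """Complete binary key tree, heap layout: node 1 = shared key (SEK),
    inner nodes = KEKs, leaves n..2n-1 = per-user keys (hypothetical layout)."""

    def __init__(self, n_users: int):
        self.n = n_users  # must be a power of two
        self.keys = {v: os.urandom(32) for v in range(1, 2 * n_users)}

    def path(self, user: int) -> list:
        """Node ids from the user's leaf up to the root."""
        v, out = self.n + user, []
        while v >= 1:
            out.append(v)
            v //= 2
        return out

    def leave(self, user: int) -> list:
        """Replace every key the leaver knew; return (node, wrapped_under, blob) messages."""
        leaf, msgs = self.n + user, []
        for v in self.path(user)[1:]:  # parent of the leaf up to the root
            self.keys[v] = os.urandom(32)
            for child in (2 * v, 2 * v + 1):
                if child != leaf:  # nothing is ever wrapped under the leaver's key
                    msgs.append((v, child, wrap(self.keys[child], self.keys[v])))
        return msgs

def apply_rekey(held: dict, msgs: list) -> dict:
    """Receiver side: unwrap each message whose wrapping key id is held, in order."""
    for node, under, blob in msgs:
        if under in held:
            held[node] = unwrap(held[under], blob)
    return held
```

With 8 users a leave costs 5 rekey messages (2·log2(n) − 1), against 7 if the new shared key were sent to each remaining user individually.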
Simulation Setup
Use two nodes to represent the Network since we are primarily concerned with capturing the bottleneck effect in the Network.
[Figure labels: U1; Network; B1; Link 1; N1; Link 2; N2; U2]
[Parameter labels: Queue length (l); Service rate (u); Bottleneck bandwidth; Loss rate; Delay; Wired link; Ui; Users inter-arrival time; Duration time]
Movie session
Multicast traffic: statistical data from Star Wars IV
Group member join/leave behavior:
Inter-arrival times and session durations are modeled as exponential distributions
Inter-arrival time consists of two phases:
Beginning of movie (first 150 seconds): Users arrive more frequently
Remainder of movie: Users arrive less frequently
Session durations:
Mean duration = 46 min
Qualcomm's scheme
Conclusions:
The use of chained one-way functions for generating SKs
The BM-SC pushing new BAKs to the users based on a key tree
These improvements:
Reduce the amount of bandwidth needed for updating keys
Avoid potential BAK implosion problems associated with rekeying 3G multicasts
Scale well as group size increases
Future work:
We plan to formulate the relationship between the group join/leave behavior and the amount of communication overhead associated with rekeying.
Our simulations only captured the bottleneck effect in 3G Core Networks.
We plan to study different multicast strategies at the Radio Access Network and how key management affects RAN network performance.
Questions?
Thank you!