Abstract
This thesis investigates decentralized key management and presents two novel decentralized key management schemes that are capable of providing secure communication in ad hoc-type networks and are agnostic to the network coding technology. The main research contributions of this thesis are summarized as follows:We investigate the inherent security and privacy challenges of the scenario architecture and identify the necessity for a decentralized key management solution. We examine nine legacy decentralized key management solutions and evaluate their suitability based on their abilities to satisfy seven proposed requirements. Our evaluation identifies that the fully distributed TTP (FD-TTP)-based key management solution has the greatest potential. This solution takes advantage of secret sharing techniques to establish a distributed TTP such that a threshold number of network users can collaboratively provide key management services. An appropriate adversarial model is defined to evaluate the security level of FD-TTP-based key management schemes.
We present the design of our novel decentralized key management scheme, entitled DISTANT. This decentralized key management scheme follows the conventional structure of FD-TTP-based key management schemes and aims to improve the level of security compared to previously proposed FD-TTP-based key management schemes. Our scheme utilizes the self-generated certificates paradigm for its abilities to (i) guarantee network subscribers with end-to-end security and (ii) limit communication overheads due to non-interactive certificate updating and a redundant certificate revocation procedure. In comparison to closely related schemes, DISTANT reaches the highest level of security while remaining competitive in terms of communication overhead.
We also present the design of our novel decentralized key management scheme, entitled DECENT. This decentralized key management scheme deviates from the conventional structure of FD-TTP-based key management schemes through the utilization of threshold-tolerant identity-based public key cryptography where secret shares are directly used as private keys. This equivalence between shares and keys allows the key management design to benefit from (i) the self-healing property (i.e., the network can independently recover from compromise), and (ii) the merger of share- and key-related protocols which provide significant reductions in terms of communication overhead. In comparison to closely related schemes, DECENT has the lowest communication overhead requirement while remaining competitive in terms of security.
Date of Award | 2023 |
---|---|
Original language | English |
Supervisor | Ifiok Otung (Supervisor), Jonathan Rodriguez (Supervisor) & Georgios Mantas (Supervisor) |