A novel linear multi-secret sharing scheme for group communication in wireless mesh networks
Introduction
Wireless mesh networks (WMNs) have emerged as an increasingly important technology that offers low-cost and high-bandwidth community wireless services. A WMN consists of a set of stationary wireless routers that form a multi-hop wireless backbone, and a set of mobile clients that communicate via the backbone routers. The community-oriented nature of WMNs facilitates group applications, such as webcast, distance learning, online gaming, video conferencing, and multimedia broadcasting. Many of these applications follow a communication pattern in which one or more source clients disseminate data to a changing set of receivers. The openness of the wireless environment makes security a critical concern in the deployment of such group applications.
A major security goal for group applications is providing data confidentiality such that only current group members have access to the data sent to the group. Previous communication must remain protected from newly joined members, and future communication must be protected from members who have left the group. Examples of applications that can benefit from these services are applications which disseminate sensitive content, such as multimedia conferencing, and applications which seek to ensure that only clients that have paid or registered for service can receive data, such as online video broadcasting and distance learning.
In WMNs, during a group communication session, the group members can join or leave the group at any time, with potentially high membership dynamics, possibly due to client movement or flash crowd phenomenon. The focus is on providing data confidentiality from outside adversaries (both passive and active), where an outsider is any non-group member client or backbone router. More specifically, the goal is to provide the group secrecy property, such that it is computationally infeasible for a non-member node (mobile client or backbone router) to discover the group data. This also includes the backward and forward secrecy properties which guarantee that it is computationally infeasible for a member client to gain access to the group data sent before the time it joins the group, or after the time it leaves (or is revoked from) the group, respectively.
Secure group communication is a mature research area with a large body of literature. The main objective of a secure group communication protocol is to ensure data confidentiality against outsiders, such that only legitimate group members can recover the group data. Existing work in this area covers both traditional wired networks (see Wong et al., 2000; Torres et al., 2007; Kim et al., 2000; Kim et al., 2001; Steiner et al., 1998; Yiu and Chan, 2004; Abad et al., 2005; Zhu et al., 2005) and wireless networks (see Zhu et al., 2004; Balachandran et al., 2005; Kaya et al., 2003; Sun et al., 2004; Roy et al., 2005; Curtmola and Nita-Rotaru, 2007). In general, the schemes for wired networks require reliable communication from each group member to every other group member when handling group dynamics. Such reliable broadcast communication is extremely inefficient to achieve in multi-hop wireless networks, which makes these schemes unsuitable for WMNs. At the same time, none of the existing protocols for wireless networks considers the unique features of WMNs, such as static backbone routers and multiple clients sharing the same router, all of which can be leveraged to design more optimized protocols.
In order to provide secure and efficient group communication in WMNs, in this paper we consider an ideal linear multi-secret sharing scheme, in which each authorized subset (that is, each group) may have a different target secret (that is, group key). At the same time, such a scheme guarantees that only all participants of an authorized subset together can recover the associated secret from their shares; otherwise, they cannot obtain any information about this secret from their shares. In particular, we put forward a general method of construction for such a scheme by using monotone span programs. We prove the correctness and security of the proposed scheme.
In Section 2 we review the information-theoretic model of a secret sharing scheme and recall the relationship between linear secret sharing schemes (LSSS) and monotone span programs (MSP). In Section 3 we generalize the definition of an MSP to permit more than one target vector. In Section 4, by using MSP, we show how to construct an ideal linear multi-secret sharing scheme (LMSSS) for general access structures in which each authorized subset carries a different target secret. The correctness and security of the proposed scheme are proved. Finally, in Section 6 we give the conclusion.
Section snippets
Preliminaries
In this section we review some basic definitions concerning secret sharing schemes.
MSP with multiple target vectors
In this section we generalize the definition of an MSP to permit more than one target vector.
We denote an MSP to permit m target vectors by , where M is a d×l matrix over a finite field and is a surjective labeling map which actually distributes to each participant some rows of M. We call d the size of the MSP. For any subset , there is a corresponding characteristic vector where for , δi=1 if and only if i∈A. Consider a
Construction of ideal LMSSS with different authorized subset carrying different secret
In this section we first define an m-tuple of access structures with respect to the proposed problem, i.e., for a general access structure, each authorized subset in it carries a different target secret. Afterwards, we devise an ideal LMSSS which realizes such an m-tuple of access structures.
Correctness and security of our scheme
In this section we will discuss the correctness and security of our scheme.
Actually, the proof of Theorem 1 ensures the correctness and security of this scheme.
Correctness: For any , seeing that , any subset of participants can reconstruct the secret sj by computing a linear combination of their shares. Hence, it holds that .
Security: At the same time, for any , seeing that , any subset (namely, ) of participants, even
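The following added example (not code from the paper, and not the paper's construction) shows the standard way shares are dealt from an MSP with several target vectors and how a subset reconstructs a secret as a linear combination of its shares. The prime `P`, the matrix `M`, the labeling `LABEL` and the target vectors are constructed for illustration: participants {1,2} are authorized for the first secret, {2,3} for the second, and each participant holds a single field element.

```python
import secrets

P = 2**61 - 1  # prime modulus for GF(P); constructed parameter
# Constructed toy MSP over GF(P) with rho = (s1, s2, r).
# Row i of M is held by participant LABEL[i]; TARGETS[j] is the target vector for secret s_j.
M = [[1, 0, 1], [0, 0, 1], [0, 1, 1]]
LABEL = [1, 2, 3]
TARGETS = {1: [1, 0, 0], 2: [0, 1, 0]}

def deal(s1, s2):
    """Dealer: shares are M * rho, one row (one field element) per participant."""
    rho = [s1 % P, s2 % P, secrets.randbelow(P)]
    return {LABEL[i]: sum(a * b for a, b in zip(row, rho)) % P
            for i, row in enumerate(M)}

def solve_combination(rows, target):
    """Return lam with sum(lam[i] * rows[i]) == target (mod P), or None if target is not in the span."""
    n, l = len(rows), len(target)
    # One equation per coordinate c; unknowns are the n coefficients lam[i].
    aug = [[rows[i][c] % P for i in range(n)] + [target[c] % P] for c in range(l)]
    pivots, r = [], 0
    for c in range(n):
        piv = next((k for k in range(r, l) if aug[k][c]), None)
        if piv is None:
            continue
        aug[r], aug[piv] = aug[piv], aug[r]
        inv = pow(aug[r][c], -1, P)
        aug[r] = [v * inv % P for v in aug[r]]
        for k in range(l):
            if k != r and aug[k][c]:
                f = aug[k][c]
                aug[k] = [(x - f * y) % P for x, y in zip(aug[k], aug[r])]
        pivots.append(c)
        r += 1
    if any(row[n] for row in aug[r:]):
        return None  # inconsistent system: this subset is not authorized for the target
    lam = [0] * n
    for i, c in enumerate(pivots):
        lam[c] = aug[i][n]
    return lam

def reconstruct(shares, j):
    """Recover s_j from a dict {participant: share}, or None if the subset is unauthorized."""
    ids = sorted(shares)
    lam = solve_combination([M[LABEL.index(i)] for i in ids], TARGETS[j])
    if lam is None:
        return None
    return sum(c * shares[i] for c, i in zip(lam, ids)) % P
```

In this toy MSP the subset {1,3} spans neither target vector, so `reconstruct` returns `None` for both secrets even though two participants cooperate.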
Conclusion
In this paper we explored different design choices for solving the problem of secure and efficient group communication in WMNs. We proposed an ideal and perfect linear multi-secret sharing scheme by using monotone span programs, where each authorized subset may have a different target secret. Finally, the correctness and security of the proposed scheme were proved.
References (24)
- et al. Linear multi-secret sharing schemes based on multi-party computation. Finite Fields and Their Applications (2006)
- Abad C, Gupta I, Yurcik W. Adding confidentiality to application-level multicast by leveraging the multicast overlay....
- Balachandran R, Ramamurthy B, Zou X, Vinodchandran N. CRTDH: an efficient key agreement scheme for secure group...
- Beimel A. Secure schemes for secret sharing and key distribution. Ph.D. Dissertation, Technion—Israel Inst. Technol.,...
- et al. Multi-secret sharing schemes (1994)
- Blundo C, De Santis A, Vaccaro U. Efficient sharing of many secrets. In: Proceedings of STACS ’93 (10th symposium on...
- Curtmola R, Nita-Rotaru C. BSMR: byzantine-resilient secure multicast routing in multi-hop wireless networks. In: IEEE...
- et al. Multiple ramp schemes. IEEE Transactions on Information Theory (1999)
- et al. Multisecret threshold schemes (1994)
- et al. On sharing many secrets (1995)
- Ideal secret sharing schemes with multiple secrets. Journal of Cryptology
Cited by (10)
- A multi-threshold secret image sharing scheme based on MSP. 2012, Pattern Recognition Letters. Citation excerpt: In 2011, Hsu et al. (2011a,b) proposed an ideal multi-threshold secret sharing scheme based on monotone span programs (MSP). Later, they utilized the multi-threshold secret sharing scheme to provide secure and efficient group communication in wireless mesh networks (Hsu et al., 2011a,b). Some secret sharing applications must protect more than one secret, possibly with different access structures associated with each secret.
- How to construct a verifiable multi-secret sharing scheme based on graded encoding schemes. 2019, IET Information Security
- General secret sharing based on quantum Fourier transform. 2019, Quantum Information Processing
- A novel integrity based mesh data encryption and decryption algorithm for dynamic WMNs. 2019, International Journal of Engineering and Advanced Technology
- Energy-efficient and reliable data collection in wireless sensor networks. 2018, Turkish Journal of Electrical Engineering and Computer Sciences
- Provably secure verifiable multi-stage secret sharing scheme based on monotone span program. 2017, IET Information Security