JOURNAL OF COMPUTING, VOLUME 3, ISSUE 6, JUNE 2011, ISSN 2151-9617

HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 40


ECC based Contributory Group Key Com-
putation Scheme using One Time Pad

S. Maria Celestin Vigila and K. Muneeswaran

Abstract— Secure group communication, in recent years has rapidly devoured the attention of researchers’ world over. With
the advent and the perceptible growth of the Internet, secure group communication has become a significant feature of Internet
technology. This paper proposes an efficient and secure key computation scheme, accumulating the advantages of logical-key
tree structure and one time pad to achieve an overall effect. For secure group communication, a group key is needs to be
shared among legitimate group members for encrypting group messages. The group key is computed based on Tree-based
Elliptic Curve Diffie-Hellman algorithm, which is then distributed to all group members using one time pad scheme. The
performance of the proposed scheme is compared with that of the existing schemes. Comparative studies show that the new
scheme performs better than the existing schemes in terms of both security and efficiency.
Index Terms— Elliptic Curve Cryptography, Discrete Logarithm, Access Control, Group Communication.
——————————

——————————
1 INTRODUCTION

The all-pervading nature of communication networks has
paved the way for the development of wireless and Inter-
net applications, making communication possible all over
the world. Group-oriented applications like video confe-
rencing have already taken its hold on the world and will
be an essential service that provides real-time information
exchange among a large number of users [1]. The main
assurance of these services lies in information security, a
crucial factor for distributed and collaborative applica-
tions. Among all security requirements of group commu-
nication, access control is vital as it prevents illicit access
to the group communication and protects application
data.

Consider a scenario where there are n users in a
network, of which some t (t<<n) of them would like to
discuss on a common concern. These t parties (called
privileged users) must communicate among themselves
over a public channel in a secure manner in that others
must not be able to listen in to the conversation between
these t parties. Therein, lays the need to find new tech-
nology for such confidential communication which is ef-
fectively called secure group communication or secure
conferencing.

An adolescent solution is to have a shared key
between every pair of users, which leads to storing (n−1)
keys with each user. In addendum, to send a message, the
sender must encrypt the message to each user in a group
separately. This augments the amount of storage for re-
spective users, along with increased computation and
communication costs. Hence, the general aim of secure
group communication is to construct a common secret
key or secure group key among legitimate users for con-
fidential communication.

Once the group key is functional, members in a
group can communicate with each other in a discreet
manner. The group being dynamic, members in the group
may vary, i.e., new members may join and existing mem-
bers may leave the group. Group membership can change
when a single member joins/leaves the group or a set of
members join/leave the group simultaneously. Whenever
this occurs, group key must be changed to prevent a new
user from reading past communications, which is termed
as backward secrecy and a departed user from reading
future communications termed as forward secrecy[2].
The issues of establishing and updating the group keys
are addressed by group key management schemes [2]–[4].
Encryption and key management together ensure data
confidentiality. Unauthorized entities should not possess
the group key and cannot intrude upon group secrecy.

In key management methods, an opponent may
try to eavesdrop on the discussion of the privileged
member set. An opponent could be an insider (member
among n parties, but not a member of privileged set) or
outsider (member other than n parties). A group of mem-
bers, termed malicious parties may collude with each
other and try to obtain the group key. The security of the
group key management method is based on number of
————————————————
- S. Maria Celestin Vigila is with the Information Technology Department,
Noorul Islam College of Engineering, Kumaracoil, India, 629 180.
- K.Muneeswaran is with the Department of Computer Science and Engi-
neering Department, Mepco Schlenk Engineering College, Sivakasi, India,
626005.

JOURNAL OF COMPUTING, VOLUME 3, ISSUE 6, JUNE 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 41

colluding parties. Method is termed as k secure, if it is not
possible to obtain the group key even after k non-
privileged group members collude with each other,
where k is termed as threshold.

Elliptic Curve Cryptography (ECC) based securi-
ty offers a similar level of security that can be achieved
with shorter keys than existing methods which are based
on the difficulties of solving discrete logarithms over in-
tegers or integer factorizations. The use of Elliptic Curves
(EC) in public key cryptography was independently pro-
posed by Koblitz and Miller in 1985 [5] and since then, an
enormous amount of work has been done on elliptic
curve cryptography. ECC uses elliptic curves which are
not ellipses in which the variables and the coefficients are
all bound to elements of a finite field. The elliptic points
are used for key generation and whenever new members
are added or existing members leave, the keys are regene-
rated by considering the meticulous elliptic curve alone.

This paper proposes an ECC based effective key
computation protocol for secure group communication in
distributed environments. The group key is computed
based on Tree-based Elliptic Curve Diffie-Hellman
(TECDH) algorithm, which is then distributed to all
group members using one time pad scheme. Group access
control is attained by encrypting the group messages us-
ing the group key that is shared by all legitimate group
members. Since the mentioned scheme uses ECC which
has a low computational cost and small key size, its per-
formance in terms of these considerations is quite com-
mendable. Therefore, it can be safely anticipated that its
use will extend to wireless communication in the future.

The rest of the paper is organized as follows. Sec-
tion 2 summarizes the related works. Section 3 describes
the mathematical background to understand ECC. Section
4 proposes an efficient key computation protocol for se-
cure group communication using ECC. Section 5 gives
experiments results. Section 6 and 7 evaluates the security
and performance analysis and finally section 8 concludes
this paper.
2 RELATED WORKS

In the literature, numerous number of group key man-
agement schemes have been proposed for network group
applications. As a result of the accelerated growth in se-
cure group applications, the need to establish a group key
becomes a vital requirement. Several solutions have been
proposed to solve the problem of the group key manage-
ment. These approaches can be classified into three cate-
gories; Centralized, Decentralized and Distributed ap-
proaches [6] – [9].

In centralized approaches [9] – [11] it is the entity
that plays the role of the group manager and is responsi-
ble for generation and distribution of the group key to all
members in the group. The centralized approaches are
generally based on the idea of Logical Key Hierarchy
(LKH) which maintains a key tree. The root of the tree
plays the role of the Group Controller (GC) and shares a
group key with all members in the group, the internal
nodes of the tree represent intermediate keys and the
leaves represent the group members. Each member has a
thorough knowledge of all keys from its leaf to the root.
This effort attains scalable rekeying, which requires
(2log(n)) rekeying overhead for member joining and de-
parture, where 'n' represents the size of the group.

Afterwards, an algorithm suggested in [12] im-
proves the member joining operation such that new keys
can be computed through a one-way function without
conveying rekeying messages. Another enhancement is
the One-way Function Tree (OFT) focused in [13]. In this
approach, the keys on the key tree are generated through
one-way functions which reduces the rekeying overhead
from (2. log(n)) to log(n). Subsequently, a slightly differ-
ent scheme that achieves the equal communication over-
head is presented in [14]. Instead of using one way func-
tions, the Efficient Large-group Key (ELK) protocol ex-
plained in [15], uses pseudo-random functions to con-
struct and manipulate the keys on key tree. This will re-
duce the complexity from O(n) to O(log n). It has to be
illustrious that centralized schemes endure from the sin-
gle point of failure problem, also for a large tree and the
GC throughput can represent a bottleneck.

In decentralized approaches [16] – [18] the whole
group is split into small subgroups. Each subgroup is
managed by Subgroup Controller (SC) which minimizes
the problem of concentrating the work on a single point.
The failure of one SC will not escort to the failure of the
whole group. Mittra suggests Iolus [16], a framework
with a hierarchy of agents that divide the entire group
into smaller subgroups. Iolus exploits independent keys
for each subgroup which means that re-key of a subgroup
does not reflected in other subgroups which solve the
scalability problem. Although Iolus is scalable, the SC
may become a bottleneck because the SC must decrypt
the group messages and then re-encrypt it using the sub-
group key.

In distributed approaches, the group key is gen-
erated in a contributory fashion, where all members con-
tribute their own share in computing the group key. Ex-
amples of this approach can be found in [19] – [21]. Nu-
merous contributory schemes are enthused by the Diffie–
Hellman (DH) key exchange protocol. To extend two-
party DH protocol to the group scenario, the schemes
discussed in [22] use logical tree structures such that the
number of levels for the creation of the group key is
shrink to the logarithm of the group size.

Elliptic curve cryptography is effective for power
saving due to the usage of lesser number of bits for secure
communication [23]. Already we have implemented the
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 6, JUNE 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 42

text based cryptosystem using ECC over the field GF(p)
in [24] along with the results. In this paper we have se-
lected tree-based schemes as the vital building block in
developing the effective key computation protocol for
secure group communication using elliptic curve crypto-
graphy.
3 MATHEMATICAL BACKGROUND

The hardness of the Elliptic Curve Discrete Logarithm
Problem (ECDLP) enables ECC to operate on groups of
points over EC for security. While sub-exponential algo-
rithms are suitable for solving the integer factorization
problem, only exponential algorithms are known for the
ECDLP. Hence ECC is able to achieve the same level of
security with smaller key sizes and higher computational
efficiency.

3.1. Elliptic Curves

An elliptic curve takes the general form as:
b ax x y E + + =
3 2
:
(1)
where x, y are co-ordinates of GF(p), and a, b are integer
modulo p, satisfying

) (mod 0 27 4
2 3
p b a = +
(2)
Here ‘p’ is modular prime integer which makes
the EC of finite field. An elliptic curve E over GF(p) con-
sist of the points (x, y) defined by (1) and (2), along with
an additional point called O (point at infinity) in EC.
These points are said to be affine points.

3.2. Elliptic Curve Arithmetic

Point addition and point doubling form the basis for EC
operations. ECC primitives [25] require scalar point mul-
tiplication. Let P is a point with the co-ordinates x, y on
an EC, and one needs to compute kP, where k is a posi-
tive integer. This scalar multiplication can be done by a
series of doubling and addition of P. For example, given k
=13, entails the following sequence of operations, by
which the efficiency of the scalar multiplication of the
points is improved.

P 2P 3P 6P 12P 13P
Doub
ling
Addition Doub
ling
Doub
ling
Addition

Let us start with P(x
P
, y
P
). To determine 2P, P is
doubled. This should be an affine point on EC. Use the
following equation, which is a tangent to the curve at
point P.
( ) | | p y a x S
P P
mod 2 / 3
2
+ =
(3)
Then R=2P that has affine coordinates (x
R
, y
R
) given by:
( ) p X S X
P R
mod 2
2
÷ =

( ) ( ) p Y X X S Y
P R P R
mod ÷ ÷ =
(4)

In order to determine 3P, we use addition of
points P and 2P, treating 2P=Q. Here P has coordinates
(x
P
, y
P
). Q=2P has coordinates (x
Q
, y
Q
). Now the slope is:
( ) ( ) | | p X X Y Y S
P Q P Q
mod / ÷ ÷ =
(5)
R Q P ÷ = +

( ) p X X S X
Q P R
mod
2
÷ ÷ =

( ) ( ) p Y X X S Y
P R P R
mod ÷ ÷ =
(6)

Therefore we apply doubling and addition depending on
a sequence of operations determined for ‘k’. Every point
(x
R
, y
R
) evaluated by doubling or addition is an affine
point (points on the Elliptic Curve).
4 PROPOSED SCHEME

The intent of this work is to design a robust secure group
communication scheme by combining the advantages of
logical-key tree structure and one time pad. For secure
group communication, a group key is required to be
shared among legitimate group members to encrypt
group messages. The group key is computed based on
TECDH algorithm, which is then distributed to all group
members using one time pad scheme.

Each group is organized in a logical key hierar-
chy as in the LKH protocol which reduces the complexity
for a member who join or leave from O(n) to O(log n). The
members in a group coordinate with each other to gener-
ate the group key. The intermediate keys and the group
key are generated from bottom to up as follows.

In the first level, members are grouped into pairs
and perform two-party ECDH. Thus, two members form
a subgroup. In each of the following levels, the subgroups
formed in the previous level are once again paired and
this pair performs ECDH after which they are merged
into a larger subgroup with a shared key. Finally, all
members are merged into one group that share the group
key. Then the group key is encrypted using one time pad
enciphering scheme and then distributed to the entire
group to maintain confidentiality.

The main aim is to establish a symmetric key
among all group members in order to preserve the secu-
rity of group communication. In case of a change occurs
in the group membership by joining or leaving the group,
the group key should be updated to maintain backward
secrecy and forward secrecy.

4.1. Key Structure

Our group key management scheme uses a TECDH algo-
rithm for computing the group key from the contributions
of all group members using a binary tree. A binary tree T
is a key tree in which every node can be denoted as <h, i>
where h is the height (level) of the node and i is the index
of the node at level h. Thus, every node is uniquely iden-
tified. Each node <h, i> is associated with a private key,
P
R
<h, i>, and a public key, P
U
<h, i>. The P
U
<h, i> is com-
puted from the private key P
R
<h, i>, from Equation (7)
where G is a base point of an Elliptic Curve Equation E,
'•' is the scalar multiplication operation, and both E and
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 6, JUNE 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 43

G are shared by all group members in advance.
P
U
<h, i> = P
R
<h, i> • G. (7)

The key at the root node, i.e. P
R
<h, 0> represents
the group key shared by all group members. There are
two kinds of nodes in a binary tree T. One is the leaf, <h,
i>, which is associated with one and only one group
member M
i
. The private key of the group member (leaf) is
defined by
P
R
<h, i> = r
i
(8)

Where r
i
is a random integer assigned by the group mem-
ber M
i
. The other is the intermediate node, < h, i >, which
has two siblings <h −1, 2i> and <h −1, 2i +1>. It
represents a subgroup in which every sub-group (leaf or
nonleaf) member hosts it. The intermediate node’s private
key is considered as the subgroup secret key. It can be
calculated by the following rule.
P
R
<h, i> = P
R
<h−1,2i> • P
U
<h−1,2i+1>
= P
R
<h−1, 2i+1> • P
U
<h−1,2i> (9)
Where P
U
<h−1,2i> = P
R
<h−1,2i> • G


















Fig. 1: Binary key tree

For example, the subgroup secret key at height 1
and position 1 is computed as:
P
R
<1, 1> = P
R
<0, 2> • P
U
<0, 3>
= P
R
<0, 3> • P
U
<0, 2>

Fig. 1 depicts an example of a key tree. The
members M
i
and M
i+1
at height h and position i are
represented by <h, i> and <h, i+1> construct a subgroup
<h+1, i> at height h+1. The members may be at leaf level
or at intermediate level. The subgroup is either at inter-
mediate level or at root level.

4.2. Algorithm

To compute the group key for secure group communica-
tion, initially the EC points are to be generated first. The
algorithm ‘genPoints’ describes the process of generating
the EC points for the given parameters ‘a’, ‘b’, and ‘p’.
Algorithm genPoints (a, b, p)
begin
x=0;
While(x < p)
y
2
=(x
3
+ ax + b) mod p;
if( isPerfectSquare(y
2
,

GF(p)))
output(x, sqrt(y)) (x, -sqrt(y) );
x=x+1;
end

The algorithm ‘secureGroupKeyComm’ describes the
process of secure group key communication for the given
EC.

Algorithm secureGroupKeyComm( )
begin
// Let M
i
be set of legitimate members 1≤ i ≤ n
L = log
2
|M| // No. of levels
for every level h and position i
begin
computeSecureGK(h, i);
distributeGK( );
for each join and leave operation in <h, i>
begin
computeSecureGK(h, i); //Rekeying
distributeGK( );
end
end
end

The algorithm ‘computeSecureGK’ describes the process of
generating the group key for the given parameters lev-
el(height) h and position i.

Algorithm computeSecureGK(h, i)
begin
// Let M
i
be legitimate members 1≤ i ≤ n
M
i
= {P
Ui
, P
Ri
} //Key pair for M
i

P
R
<h, i> = random ( );
P
U
<h, i> = P
R
<h, i> • G;
for every level h
begin
P
R
<h, i> = P
R
<h−1,2i> • P
U
<h−1,2i+1>;
= P
R
<h−1, 2i+1> • P
U
<h−1,2i>;
G
k
<h, i> = P
R
<h, i>; // except at leaf
// G
k
<h, 0> is group key for all members.
end
end

The algorithm ‘distributeGK’ describes the process of dis-
tributing the group key for the given group members.

Algorithm distributeGK( )
begin
G
k
<h, 0> = P
R
<h,0>;
for every level h in L
begin
G
k
<h, i> = G
k
<h, i>.uLink © P
R
<h, i>;
end
end
<0,0> <0,1>
<1,0>
<0,3> <0,2>
<2,0>
<1,1>
M1 M2 M3 M4
h = 1
h = 2
h = 0
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 6, JUNE 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 44

5 IMPLEMENTATION AND RESULTS

For testing purposes, a typical Elliptic Curve is
represented by:
y
2
mod 487 = x
3
-5x+25 mod 487
where a=-5, b=25 and p=487. Base point implies that it
has the smallest (x, y) co-ordinates which satisfy the EC.
The base point G is selected as (0, 5).

The algorithm for secure group communication
can be illustrated using a simple example of a subgroup
of eight members. Fig. 2 depicts the logical key tree for a
group of eight members. From the sample hierarchy, we
can see that the number of the group members is n = 8
and the levels (height) of the tree is h = log
2
8 = 3. Number
of nodes in each level of the tree is 2
level.
For e.g., the num-
ber of nodes in level 2 is 4. The node 7 to 14 represents the
group members
.
M
1
, M
2
, …, M
8
. The keys of this group
are calculated as follows:














Fig. 2: A binary logical key tree for a group of eight members.

The private key P
R
of the members M
1
, M
2
, …, M
8

is randomly chosen as {719, 967, 631, 857, 523, 379, 281,
401}.
In level 3, consider the two members M
1
and M
2
and compute the public key as
For member M
1
Public key P
U
= P
R
. G
= 719.(0,5)
= (213, 351)
For member M
2
Public key P
U
= 967. (0,5)
= (114, 364)
In level 2, the members M
1
and M
2
form a sub-
group and compute the subgroup secret key as
= 719(114,364) = 967(213,351)
= (195, 469)
Similarly, other member’s subgroup secret keys
are calculated and finally the root node i.e. node 0 private
key is considered as a group key for all members in the
group. In this example, the group key (G
k
)

as 433.

Then the group key is encrypted using one time
pad enciphering scheme and then distributed to the entire
group. In our example,
G
k
<3,0> = P
R
<3,0> = 433.
Consider node 1 of the tree,
G
k
<2,0> = G
k
<2,0>.uLink © P
R
<2,0>
= 433 © 372 =197.
to obtain the subgroup key 197. Now node 1 computes
197 XOR with 372 to get the group key 433 for the node 1.
Similarly the group key is distributed to all other group
members. The node 1 to 6 represents the subgroups. The
subgroup keys are {197, 311, 6, 89, 500, 159} respectively.

Table 1 shows the keys generated and distributed
as a result of the above procedure for group of members
as shown in Fig. 2.

Table 1: Group Key Generation and Distribution

Node No. Private Key
(PR)
Public Key
(PU)
Group Key
(Gk)
0 433 (70,72) 433
1 372 (427,200) 197
2 134 (103,285) 311
3 195 (275,25) 6
4 156 (295,147) 89
5 195 (275,25) 500
6 424 (134,436) 159
7 719 (213,351) 433
8 967 (114,364) 433
9 631 (345,153) 433
10 857 (439,173) 433
11 523 (101,42) 433
12 379 (207,108) 433
13 281 (443,149) 433
14 401 (213,136) 433

When a member leaves the group, all keys on the
path from this member to the root needs to be changed in
the similar fashion except that some existing intermediate
keys do not need to be recalculated.

Table 2: Member Leave
 
Node
No.
Private
Key(PR)
Public
Key(PU)
Group Key(Gk)
Before redi-
stribution
After redi-
stribution
0 74 (95,361) 433 74
1 427 (44,452) 197 481
2 134 (103,285) 311 204
3 213 (457,272) 6 308
4 156 (295,147) 89 381
5 195 (275,25) 500 15
6 424 (134,436) 159 356
7 719 (213,351) 433 74
8 User is leaving from the group
9 631 (345,153) 433 74
10 857 (439,173) 433 74
11 523 (101,42) 433 74
12 379 (207,108) 433 74
13 281 (443,149) 433 74
14 401 (213,136) 433 74

0
1
2
3 4 5 6
7 8
9 11 10 14 13 12
4
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 6, JUNE 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 45


For example, if member M
2
i.e. node 8 wants to
leave from the group, the keys for the nodes 3, 1, 0 are
updated to maintain forward secrecy. The regenerated
group key as 74 and the subgroup keys are {481, 204, 308,
381, 15, 356} respectively. According to our scheme, to
achieve an elevated level of security, the regenerated
group key must be updated to the remaining group
members using one time pad enciphering scheme to
maintain the forward secrecy.

Table 2 shows the keys generated before and af-
ter the member leave procedure for group of members as
shown in Fig. 2.

If a new member wants to join a group, first
place is assigned in the group. Then the new member
randomly chooses the private key value and calculates its
public key value. Then the group key regenerated in the
similar manner as 4. All group members obtain the new
group key as 4 by replacing the old group key 74. Simi-
larly, the regenerated subgroup keys are {97, 130, 4, 253,
65, 298} respectively. To attain a high strength of security,
the group key should be altered after each join so that a
new member has no access to earlier communications.

Table 3 shows the keys generated before and af-
ter the member join procedure for group of members as
shown in Fig. 2.

Table 3: Member Join

Node
No.
Private
Key(PR)
Public
Key(PU)
Group Key(Gk)
Before redi-
stribution
After redi-
stribution
0 4 (63,457) 74 4
1 101 (291,91) 481 97
2 134 (103,285) 204 130
3 101 (291,91) 308 4
4 156 (295,147) 381 253
5 195 (275,25) 15 65
6 424 (134,436) 356 298
7 719 (213,351) 74 4
8 101 (291,91) - 4
9 631 (345,153) 74 4
10 857 (439,173) 74 4
11 523 (101,42) 74 4
12 379 (207,108) 74 4
13 281 (443,149) 74 4
14 401 (213,136) 74 4

To ensure secure data transmissions among the
group members the message to be communicated within
the group is always encrypted using the group key G
k

and the ciphered message is distributed to the group.
Only authorized group member possess the group key
and can decrypt the ciphered message. Hence, confiden-
tial communication can be achieved using secure group
key between the legitimate group members.
6 SECURITY ANALYSIS

The Security of ECC is due to the discrete logarithm prob-
lem over the points on the elliptic curve. Cryptanalysis
involves determining x given Q and P where P is a point
on the EC and Q = x P that is P added to itself x times.
The best known algorithm to break the elliptic curve
points is the pollard – rho algorithm which is a fully ex-
ponential algorithm and difficult to solve. Forward and
Backward secrecy are maintained as each session. In this
section we address the possible types of attacks. Security
tolerance of the proposed scheme in response to the vari-
ous attacks is discussed in the following subsections.

Attack 1: Exterior Collecting Attack

The first potential attack is from an outsider. If an
attacker is outsider, it means no idea about what EC or
base point is being used is known and hence more diffi-
cult to attack. Therefore, the proposed scheme restricts
intrusion from outsiders.

Attack 2: Contrary Attacks

The second possible attack is from a successor,
who might desire to acquire the group key of the imme-
diate or any prior predecessor through the public pa-
rameters and his own secret key. The unauthorized user
can generally solve this problem by the given plaintext.
However, both the ECC and the one time pad enciphering
scheme can resist forced attack in the proposed scheme
because their time complexity is placed at a reasonable
computational security. An unauthorized successor can-
not acquire the group key even after years of attempting.
Hence, the proposed scheme is extremely secure against
such an attack.

Attack 3: Interior Collecting Attacks

If a group member has many ancestors and if it
negotiates with one parent also by knowing the key as
there is no relation parameter among any of the ancestor
nodes it is not possible to obtain the key.

Attack 4: Collaborative Attacks

The collaborative attack is a type of attack where
several members collaborate to launch the attack. We as-
sume that if there is a subgroup member i.e. node 3 as in
figure 2 and there are two descendant members M
1
i.e.
node 7 and M
2
i.e. node 8. Members of M
1
and M
2
cannot
perform a collaborative attack as the secret key of any
subgroup member is calculated only from the contribu-
tion of the respective members of the level. Therefore,
attackers cannot invert the procedure to derive the sub-
group secret key.

Attack 5: Sibling Attacks

Members that have same parent also cannot
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 6, JUNE 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 46

break the key of a sibling member due to the absence of
any related parameters among them. To maintain the se-
cure scheme the following things are necessary.
1. The immediate parents should be faithful and the de-
scendant list should be updated.
2. The leaving/joining members from the tree hierarchy
should update their ancestor list.
3. The selection of private key by joining the new member
should be done by selecting a random value for finding a
new group key.

The EC parameters and the mechanisms along
with the private key decides the strength of the security
of the group communication. Though the EC parameters
and the mechanism may be revealed to the public over
the time, the private key owned by each member is capa-
ble of protecting the group communication making it vi-
able for commercial applications.
7 ANALYSIS OF PERFORMANCE

On computational complexity, key generation requires
executing EC addition operations and key distribution
uses one time enciphering scheme. In terms of computa-
tional overheads, Vanstone [26] had abridged that the key
sizes and bandwidth needed by ECC gives superior effi-
ciency with order of magnitude approximately 10 times
that of integer factorization systems and discrete loga-
rithm systems. In addition, Stallings [23] estimated that
the 4096-bit key size of the RSA gives the same level of
security as the 313-bit one in ECC. That is, the length of
the prime p in E
p
(a,b) is secure adequate with 300 bits.

The logical tree structure has storage overhead as
O(n). The key storage required for each member is very
minimal because each member has to store its own public
key and private key. ECC based approach takes very less
memory even the members get increased. The logical tree
structure has communication overhead as O(log
2
n). The
communication cost of TECDH depends on trees height,
balance of key tree, location of joining tree, and leaving
nodes. For member join and leave operations our ap-
proach takes less communication and computation time
as the key size for ECC is small compared to other ap-
proaches.

The major issue with the group communication
is the rekeying cost and the distribution of the public key
to all other group members in the path of change. At the
time of rekeying during the join and leave operations, the
consistence of the key usage has to be maintained.

From the above analysis, we can conclude that
the proposed key management scheme enhances the
group performance in terms of security, storage, commu-
nication and computation overhead.
8 CONCLUSION

Secure group communication plays an important role in
the area of research and has captured the attention of mil-
lions of users worldwide. In this paper, we have pro-
posed and implemented an efficient and secure group key
computation using elliptic curve cryptography along with
one time pad enciphering scheme. Here, each group is
organized as a logical key hierarchy and the group key is
computed based on TECDH algorithm. Then the public
key counter-part of the secret group key is distributed to
other sub group members. Using the dynamically com-
puted group keys both forward and backward secrecy is
maintained. The results have elucidated the fact that the
proposed protocol enhances the group performance in
terms of security, storage, communication and computa-
tion overhead. Use of EC ensures that group key is pro-
tected and intruders cannot decipher the message. Differ-
ent EC parameters can be generated and optimized for
better performance.
ACKNOWLEDGMENT

The authors are grateful to the principal and management
of Noorul Islam College of Engineering and MEPCO
Schlenk Engineering College for extending their facilities
and constant encouragement in carryingout this research
work.
REFERENCES

[1] S. Paul, Multicasting on the Internet and Its Applications, Springer-
Verlag, Jun. 1998.
[2] M. J. Moyer, J. R. Rao, and P. Rohatgi, “A survey of security
issues in multicast communications,” IEEE Network, vol. 13, no.
6, pp. 12–23, Nov. 1999.
[3] C.Wong, M. Gouda, and S. Lam, “Secure group
communications using key graphs,” IEEE/ACM Trans.
Networking, vol. 8, no. 1, pp. 16–30, Feb. 2000.
[4] D. M. Wallner, E. J. Harder, and R. C. Agee, “Key management
for multicast: Issues and architectures,” Internet Draft Rep.,
draft-wallnerkey-arch-01.txt, Sep. 1998.
[5] N.Koblitz, Elliptic Curve Cryptosystems, Mathematics of
Computation, vol.48, 1987, pp.203-209.
[6] K. C. Chan and S. H. G. Chan, “Key management approaches to
offer data confidentiality for secure multicast," IEEE Network,
vol. 17, no. 5, pp. 30-39, 2003.
[7] Y. Challal and H. Seba, “Group key management protocols: A
novel taxonomy," International Journal of Information
Technology, vol. 2, no. 1, pp. 105-118, 2005.
[8] S. Rafaeli and D. Hutchinson, “A survey of key management
for secure group communication," ACM Computing Surveys,
vol. 35, no.3, pp. 309-329, 2003.
[9] S. Setia, S. Zhu, and SR. Jajodia, A Scalable and Reliable Key
Distribution Protocol for Multicast Group Rekeying, Technical
report, George Mason University, Jan. 2002.
[10] Z. Jun, Z. Yo, M. Fanyuan, G. Dawu, and B. Yingcai, “An
extension of secure group communication using key graph,"
Elsevier Information Sciences, vol. 176, pp. 3060-3078, 2006.
[11] W. H. D. Ng, M. Howarth, Z. Sun, and H. Cruickshank,
“Dynamic balanced key tree management for secure multicast
JOURNAL OF COMPUTING, VOLUME 3, ISSUE 6, JUNE 2011, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 47

communications," IEEE Transactions on Computers, vol. 56, no.
5, pp. 590-605, 2007.
[12] M. Waldvogel, G. Caronni, D. Sun, N. Weiler, and B. Plattner,
“The versakey framework: Versatile group key management,”
IEEE J. Sel.Areas Commun., vol. 17, no. 9, pp. 1614–1631, Sep.
1999.
[13] D. Balenson, D. McGrew, and A. Sherman, “Key management
for large dynamic groups: One-way function trees and
amortized initialization,” Internet Draft, draft-irtf-smug-
groupkeymgmt-oft-00.txt, 2000.
[14] R. Canetti, J. Garay, G. Itkis, D. Miccianancio, M. Naor, and B.
Pinkas, “Multicast security: A taxonomy and some efficient
constructions,” in Proc. IEEE INFOCOM, 1999, vol. 2, pp. 708–
716.
[15] A. Perrig, D. Song, and D. Tygar, “ELK, a new protocol for
efficient large-group key distribution,” in Proc. IEEE Symp.
Security Privacy, 2001, pp. 247–262.
[16] S. Mittra, “Iolus: A framework for scalable secure multicasting,"
ACM SIGCOMM Computer Communication Review, vol. 27,
no. 4, pp. 277-288, 1997.
[17] M. Peyravian, S. M. Matyas, and N. Zunic, “Decentralized
group key management for secure multicast communications,"
Computer Communications, vol.22, pp. 1183-1187, 1999.
[18] S. Rafaeli and D. Hutchinson, “Hydra : A decentralized group
key management," Proceedings of the 11th IEEE International
WETICE: Enterprise Security Workshop, pp. 62-67, June 2002.
[19] X. Chan, B. N. W. Ma, and C. Yang, “M-CLIQUES: Modified
CLIQUES key agreement for secure multicast," Elsevier
Computers and Security, vol. 26, pp. 238-245, 2007.
[20] M. Steiner, G. Tsudik, and M. Waidner, “Key agreement in
dynamic peer groups," IEEE Transactions on Parallel and
Distributed Systems, vol. 11, no. 8,pp. 769-780, Aug. 2000.
[21] H. K. Aslan, “A scalable and distributed multicast security
protocol using a subgroup-key hierarchy," Elsevier Computers
and Security, vol. 23, pp. 320- 329, 2004.
[22] W. Trappe, Y.Wang, and K. J. R. Liu, “Resource-aware
conference key establishment for heterogeneous networks,”
IEEE/ACM Trans. Netw., vol. 13, no. 1, pp. 134–146, Feb. 2005.
[23] William Stallings, “Cryptograpy and Network Security:
Principles and Practices,” Fourth Edition, Prentice Hall, 2005.
[24] S.Maria Celestin Vigila, K.Muneeswaran. “Implementation of
Text based Cryptosystem using Elliptic Curve Cryptography”
IEEE 2009, ISBN: 978-1-4244-4787-9/09, pp 82-85.
[25] Standard specifications for public key cryptography, IEEE
standard, p1363, 2000.
[26] S.A. Vanstone, “Elliptic Curve Cryptosystem – The answer to
strong, fast public-key cryptography for securing constrained
environments, Information Security Technical Report 2(2), 1997,
78-87.

S. Maria Celestin Vigila completed the B.E. degree in Computer
Science and Engineering in 1996 and the M.E. degree in Computer
Science and Engineering in 1999. She is currently pursuing her re-
search in the area of Information Security under Anna University,
Tiruchirappalli. She is presently Assistant Professor in the Depart-
ment of Information Technology, Noorul Islam College of Engineer-
ing, Kumaracoil and a member of ISTE and IET. Her research inter-
est includes Cryptography and Network Security, Wireless Networks
and Information Hiding.

K. Muneeswaran is Professor and Head of the Department of Com-
puter Science and Engineeering, Mepco Schlenk Engineering Col-
lege, Sivakasi. His area of interest includes image analysis, comput-
er networks, neural networks, security, grid and cloud computing.
Seven research scholars are working under his supervison. He con-
tributed to many funded research projects. Also he is the reviewer for
the peer reviewed International journals.

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.