In several areas of technology the need for secure communication within groups of devices emerged over the last years, for example the Internet of Things (IoT) with groups of sensors/actors communicating with each other or car-to-car-communication. Groups are typically managed by the means of a group key management protocol, one of which is G-IKEv2. G-IKEv2 is a proposed standard based on the established IKEv2.
Also the groups may be very dynamic, which means that participants enter a group or leave the group very frequently. The security of dynamic groups depends on efficient algorithms to provide new cryptographic keys to the group members (GMs) when GMs get excluded from or leave the group or new GMs join the group. This is to ensure security features such as forward and backward secrecy. One algorithm which supports efficient rekeying is LKH (Logical Key Hierarchy). It is based on a tree structure where each node represents a cryptographic key and each leaf node is the individual key of a specific GM.
This work implements secure rekeying of GMs by using the LKH algorithm in the G-IKEv2 protocol. The group controller side is integrated into the Strongswan project, a multi-platform IKE Daemon. The GM side is implemented for RIOT OS. An evaluation will assess the resource requirements of the implementation especially in regard to computational and memory demand, which is particularly important for constrained devices typically found in IoT scenarios.
As a start, the following literature is of interest:
Prof. Dr. D. Kranzlmüller
Dauer der Bachelor-Arbeit: 3 Monate
Anzahl Bearbeiter: 1