Key Management Schemes Based on Key Hypergraph and Identity-based Cryptography in Multi-domain Optical Networks
draft-wu-eupap-kms-mon-00

Document Type: Expired Internet-Draft (individual), expired & archived
Author: Hao Chen
Last updated: 2018-04-19 (Latest revision 2017-10-10)
RFC stream: (None)
Intended RFC status: (None)
Stream state: (No stream defined)
Consensus boilerplate: Unknown
RFC Editor Note: (None)
IESG state: Expired
Telechat date: (None)
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active.

Abstract

In view of the characteristics of multi-domain optical networks under a hierarchical PCE architecture and their key management needs, this paper proposes a novel key management scheme (KMS-KI) based on a key hypergraph and identity-based cryptography. The key relationships of multi-domain optical networks were first modeled as a key hypergraph with two layers, in which the vertices were represented by points and the key relations at all levels were described by hyperedges. The master keys, the public and private keys, the session keys, the layer group keys and the inter-domain keys were then generated respectively and managed dynamically using hierarchical identity-based cryptography and improved private key generation strategies. When group members join or leave, the remaining group members autonomously use the key value of the pPCE or cPCE to calculate and update the group key, which greatly reduces the risk of the new group key being uncovered by an adversary. The KMS-KI scheme provides forward and backward security, confidentiality of private keys and the ability to resist collusion attacks. Moreover, it not only supports the use of hierarchical identity-based cryptography but also performs well overall in terms of the number of keys stored, the number of cPCE communications, and encryption and decryption times.

Authors

Hao Chen

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)