DSGC � Decentralized Secure Group Communication

Abstract

With the rapid growth in usage of network enabled devices like laptops and mobile phones, the amount of group communication has increased providing opportunities for new group communication services. The purpose of this research is to develop an approach for secure group communication through a shared network. Basic requirement of a secure communication group is to preserve the secrecy of the information by ciphering so that only the members of a group (called clients) can decipher to extract the information which is called client-to-client security. Also to improve the confidentiality, a method is to be suggested to prevent clients with fake user information. Similarly the newly suggested approach is expected to use most efficient algorithms suitable for capable devices like mobile phones while preserving secrecy. As a basis for a solution, an analysis of some existing group communication protocols and tools were carried out. None of those were providing the expected client-to-client security; but a few were suggesting a client-to-server security which allows the centralized server or service provider to decipher the information other than intended clients; raising a major security concern. Asymmetric cryptography based ECC algorithm is selected for member identification in the proposed solution. A centralized entity (called deployer) is designed with a pair of publicprivate keys and is capable of generating tokens to certify member information. Each member is provided with a pair public-private keys and a token generated by the deployer. Additionally, all members are provided with the public key of the deployer to validate the member information certified by token. Any member is allowed to create groups and play the group owner's role. Asymmetric key cryptography is not suitable for member message ciphering as each message has to be encrypted multiple times (once per each client) using intended clients’ public keys which increases computational cost vastly. Hence a hybrid of asymmetric and symmetric key cryptography is used where a symmetric key for AES is shared across all members using ECC. Author has not covered the network discovery of members, but has suggested as a future step to enhance as a fully fledged application. Similarly, an approach to securely retrieve keys and tokens via the network is not covered which could avoid the requirement of carrying those along themselves.