Resumen de Contribucion a la seguridad de grupo en redes inalambricas avanzadas

Juan Bautista Hernández Serrano

• Advanced Wireless Networks comprise a wide range of devices that autonomously inter-communicate offering a wide variety of services: fire detection, fleet management, ad-hoc networks completely independent of a fixed backbone, etc. Traditionally, wireless devices had reduced capabilities and were managed in a completely centralized manner.

  Today, they are equipped with advanced features and take an active part in all the network mechanisms.

  The widespread use of such networks creates new vulnerabilities in terms of security. Wireless networks, unlike wired ones, allow an attacker to easily access the media. In addition, the volubility of mobile devices difficult to predict failures prior to the network deployment. Traders' precipitation is added to such risks: instead of developing a well thought security architecture, traders are producing new products and services at breakneck speed.

  Since advanced wireless networks distribute critical services between groups of devices, within all the security challenges, securing group communication is one of the most important. Group key management is in charge of generating and updating the keying material used for securing the group during its whole life.

  Prior proposals on group key management over advanced wireless networks focuses on generating initial group keys.

  However, these proposals do not provide efficient solutions for the necessary rekeying when the group membership changes due to its members mobility and/or dynamism. This thesis presents four contributions to group key management over advanced wireless networks. All proposals are designed to support a wide amount of members and emphasize the efficient management of the group dynamism.

  The first two contributions of this thesis apply to wireless ad-hoc networks. The first one is a security protocol for centralized broadcast services that splits the domain of management into smaller and easier management areas. The second one presents an autonomous and distributed protocol for cluster establishment that allows using existing centralized key management solutions over backbone-less networks.

  Third and fourth contributions are designed for networks where group tasks are distributed in a peer-to-peer manner within all the members. Third one details a scheme of logical tree of keys where both the creation and the management tasks are completely distributed between all the group members. Finally, the fourth and last contribution of this thesis is a modification of the prior scheme in order to support low-end devices such as sensors. Resources saving is based on symmetric cryptography and cross-layer communication with the routing protocol.

  All the contributions are made up of a formal protocol description, its analysis and a performance evaluation.

  Evaluation is provided by a simulation/emulation tool developed with such purpose.