A CRITICAL STUDY ON GROUP KEY MANAGEMENT PROTOCOLS AND SECURITY ASPECTS FOR NON-NETWORKS

The rise in internet usage and advanced communication systems has led to an increase in security issues. The need for more robust and flexible secure communication has led to the introduction of mobile non-network multicast communication systems like MANET or VANET. Multicasting is increasingly being used for group-oriented applications such as video conferencing, interactive games, TV over Internet, e-learning, etc. To address the security concerns, this paper highlighted the confidentiality, authentication, and access control for non-network multicast communication systems like MANET or VANET. For this, paper explores the group key management protocols. The paper concluded that centralized and asymmetric group key management protocol (GKMP) is most effective for designing secure, and efficient communication models for non-networks. The key findings of the paper are that in group key management protocols (GKMPs) for multicast communication systems adoption of asymmetric GKMPs provides better security, and reduces computational overhead. Therefore, this paper help to improve the robustness and security of multicast communication systems and meet the growing demands of group-oriented applications over the internet.


Introduction
Multicast technology has the important capability that allows for the effective execution of group interaction, in which a particular transmitter sends a text to multiple recipients at the same moment (Hinden and Deering, 2006). One of the most important cryptographical service is "group key management protocol (GKMP)" (Hillebrand, 2002). Furthermore, it is vital that mechanisms for managing cryptographic keys be safe and satisfy the security needs of specific apps. It is also necessary to defend multicast group apps from security issues like observing critical conversations, introducing misleading informational traffic, altering key characteristics, or impersonating multicast members of the groups. As per the "Internet Engineering Task Force," (IETF), the fundamental challenge in the communication process is managing cryptographic key groups. Mobile Ad hoc Networks (MANETs) are self-contained networks built with wireless mobile nodes that do not require any infrastructure. Nodes in a MANET may easily and continuously interact with one another using frequency spectrum (Othman and Mokdad, 2010;El-Hadidi and Azer, 2021). When persistent infrastructures are not available, Mobile Ad Hoc Networks (MANETs) enable portable consumers to interact with each other. However, noise exposure, transmitting intervention, and movement commonly prevent MANET connections from functioning properly (Wu and Liaw, 2015). Despite these challenges, the increased use of the internet has significantly increased the use of MANETs in various vital operations (Devi and Hegde, 2018;Gomathy et al., 2020). Communication is performed through numerous hops due to the restricted communication range, making effective navigation crucial to determine the best route between the origin and destination (Kousar et al. 2020).
The aim of this paper is to explore the importance of Group Key Management Protocol (GKMP) for managing cryptographic keys, the need to protect multicast group applications from security issues, the challenge of managing cryptographic key groups in multicast technology, the challenges faced by Mobile Ad Hoc Networks (MANETs), and the crucial need for effective navigation to determine the best route in MANET communication.
To fulfill these objectives, the paper presented a critical analysis on GKMP for nonnetwork. The paper first of all explored usage of non-networks and then security issues in such the advice modifies the attacking style and the objective of the invasion, identification becomes much more challenging. A disruption to the node could be triggered by an attacker or a network fault. Researchers cannot categorize the nodes as trusted or untrustworthy because of the absence of a security connection (Wei et al., 2014). Energy Constraints: In any WSNs, all devices or nodes are with limited battery or power to participate in communication. The intruder can send massive amounts of traffic to the targeting node which results in wastage of energy. This will result in a "denial of service". Sometime, these intruders instruct the nodes to perform useless time-consuming processing that results in energy depletion (Wei et al., 2014). Scalability: As in non-network such as MANET or VANET, there is no pre-determined scalability. It is quite un-predictable.

Noteworthy Contributions
Several trust-based networking techniques were proposed and examined when creating a MANET. The majority of reliable management strategy was designed for cooperative navigation to identify self-destructive nodes generated by faulty nodes. Several anticipated route algorithms were also created and utilized to objectively detect different forms of security attacks. Several academics explored topics about major challenges linked with IoT-based MANETs. Several security and susceptibility threats were addressed throughout protocol architecture (Maheswari M. et al. 2021;Funderburg, L. E. and Lee, I. Y., 2021).
Routing tables must be updated regularly in preemptive routing protocols like the Destination Sequence Distance Vector (DSDV) (Perkins, C. E., & Bhagwat, P., 1994). As a result, a large amount of control signals is created. As a result, several procedures were discovered to be inappropriate for MANETs. Ad hoc on-demand distance vector routing (AODV) (Royer et al., 2003) and dynamic source routing (DSR) (Abdollahi et al., 2021) were developed as a result. Several cryptography-based procedures have been developed to safeguard connectivity amongst MANET nodes. "Effective Node Admittance and Certificateless Safe Information exchange (Saxena N. et al., 2008), Unverified Location-Aided Routing (Eldefrawy, Karim and Tsudik, Gene, 2011), Energy-Efficient Partial Permutation Encryption (Khan A. et al., 2017) (Qin Y. et al., 2014), and Non-Interactive Self-Certification (Saxena N. and Yi J.H., 2009)" are several well-known procedures. Such procedures, nevertheless, are vulnerable to a variety of security concerns and necessitate additional power from the nodes (Hammamouche et al., 2018;Subramaniyan et al., 2014).
Several safe and energy-aware transmitter networking strategies, like "Trust Aware Secure Energy Efficient Hybrid Procedure , Hybrid Secure Multipath Navigation Procedure (Srilakshmi U. et al., 2021), Sign Encryption Technology (ST) , and Recurring Reward-Based Training (Srilakshmi U. et al., 2021)", have lately been developed for MANETs. These methods have demonstrated outstanding functionality against a variety of security challenges. Even though these procedures use lesser power than traditional procedures, there remains an opportunity for improvement. Therefore, the research gaps are:  Security concerns in unicast communication, where the opponent can bear both active and passive threats when attacking a multicast broadcast.  Technical difficulties in implementing non-networks like VANET and MANET, including managing network dynamicity, administration of delay, assessment of congestion and collisions, and security difficulties.  Societal and economic difficulties in implementing non-networks, such as the uniformity of information, great mobility, error tolerance, delay regulation, key administration, no predefined boundary, network adversary, no centralized control facility, energy constraints, and scalability

Research Methods
To ensure security in multicast situations, it is important to have entity authenticity, information security, and confidentiality. Specific requirements for secure group connectivity include having a server with security policies, verifying the credentials of group participants and admins, and updating group keys in dynamic strategies when there are changes in the network. The paper is dedicated to present the systematic review on GKMP protocols for non-networks. For this bibliometric analysis is performed using steps presented in fig 3. But before designing the architecture of paper it is required to highlight some research questions that are intended. RQ. 1 What are the security concerns associated with mobile non-network multicast communication systems such as MANET or VANET? RQ. 2 What is the confidentiality, authentication, and access control requirements for securing non-network multicast communication systems? RQ. 3 What are the existing group key management protocols for non-network multicast communication systems, and how do they address security concerns? RQ. 4 How can the adoption of asymmetric GKMPs improve the security and computational efficiency of non-network multicast communication systems? To address these research questions, the paper describes the steps taken to conduct a systematic review of research articles related to security of non-networks. The eligibility criteria for articles were based on study methodology, timeline, and language. A search string was developed using Boolean operators, and multiple articles were identified from multiple databases. After screening for inclusion and exclusion criteria, some articles were removed, resulting in a final selection of relevant articles. The selected articles were categorized based on the type as: Conventional approach, cryptography-based approach and group key management based approaches, which are further presented in sub-sections.
This section discusses security techniques to combat the attacks mentioned in earlier sections. The first technique is a decentralized and collaborative system proposed by Zhang and Lee (2000) for intrusion detection in MANETs. Each node in the network identifies signs of intrusion autonomously and shares the information with other nodes. Another technique discussed is the use of packet leashes to defend against wormhole attacks, as described by Luo et al. (2019). These leashes restrict the maximum range and time a packet can travel, allowing the recipient to check if it has moved beyond the allowed range. Therefore according to type of protocol used further sub-sections are divided as:

Conventional Approaches for Protection in Non-Network
ARAN: This navigation protocol, Authenticated Routing for Ad-hoc Network (ARAN), is built on AODV (Fatemidokht et al., 2021). A third-party CA is used in this strategy to give verified certificates to nodes. Every node that joins the network must send certification requests to the CA. All authorized nodes have access to the CA's public key. For verified safe path identification, an asymmetric cryptographic approach is utilized, and timestamps are employed to determine path authenticity. SEAD: Safe and effective Ad hoc Distance (SEAD) vector technique operates on top of DSDV. For verification, it employs a one-way hash function. This approach guards against erroneous navigation. It employs a destination-sequence code to assure the path's authenticity and to prevent long-lived routes. To validate the legitimacy of paths, scrambling is used at every intermediary node.
Ariadne protocol operates on the DSR on-demand networking method (Choi and Lee, 2019). In this approach, symmetric cryptographic procedures are exceedingly effective. This approach is built on the TESLA broadcasting authenticating technologies. TESLA time intervals are employed in the path-finding and authenticating processes. SAODV: This approach was introduced to incorporate security features into the AODV protocols (Abusalah et al., 2008). To ensure legitimacy and to safeguard hop count hash operations, all routing instructions are securely verified. Regardless of whether the intermediary node knows the new path, it cannot send a route response in this method. This issue could be overcome with Double Signature, however, it raises the system's sophistication. One-Time Cookie: Cookies are typically allocated each session for session administration. However, to protect the system against session intrusion and SID theft, this approach introduces the idea of "one-time cookie (OTC)" (Dacosta, I. et al., 2012). ECDSA: Elliptical Curve Digital Signature Algorithm (Cui et al., 2018), which uses digital signatures as the name implies. This system provides authentication and protection through the use of a hash function and asymmetrical cryptographic procedures. The elliptical curve domain characteristics must be agreed upon by both the transmitter and the recipient. RobSAD: Robust approach for Sybil Threat Identification, the key idea underlying this technique is that two separate automobiles cannot share similar motion patterns when influenced by various drivers, because every individual drive as per their convenience and requirement. Holistic Protocol: This protocol outlines the authenticating process used by RSU for the registration of vehicles. During the registration stage, the car sends a Hello message to the RSU, and the RSU responds by generating a Registration id (containing the license number and the vehicle registration number) and sending it to the automobile. Furthermore, RSU's certificate is used for verification. Only information is exchanged with the node if it is authorized; else, the node is blocked.

Cryptography for Protection in Non-Network
Cryptography is one of the mathematical model to secure the communication in which readable data are converted into unreadable format. As a result, it is impossible to construct a novel layout depending on composite cryptographic approaches without a strong security assessment, which is based primarily on cryptographic reasoning. One approach to achieving this objective is to study and comprehend from other people by assessing existing MANET/WSN security strategies, as well as to fully comprehend the network to better comprehend how cryptographic technologies merge with MANETs/WSNs to focus on providing a security provider with satisfactory network connectivity, expandability, retrieval, and synchronization.
Multiple methodologies can be used to assess the security architecture. The purpose is to present insight into the use of cryptographic methods and to investigate basic cryptographic approaches as they apply to authenticity, integrity, and key management in MANETs/WSNs. Similarly, in the security and functionality of MANETs/WSNs, cryptography algorithms could be efficiently applied in various phases of network bootstrapping, packet transmission, and variables to be assessed (Zhao et al., 2011). After the examination, these strategies can undoubtedly be repurposed as known cryptographic approaches. One strategy they use here is to disintegrate the layout utilizing cryptographic methods and reprogram it, then examine how the new layout is constructed using alternative cryptographic methods.

Group-Key Management for Non-Network
There are three types of group key management policies and procedures: centralized, decentralized, and distributed (El-Bashary, M. et al., 2015). A group key server (KS) is accountable for group key dispersion and upgrading in centralized group key administration procedures. The organization is separated into subgroups in decentralized group key management approaches. There is a group key that is used by all members of the group, and each subgroup has a shared key. There is a group key (GK) server for the group and a subgroup key (SGK) server for every subgroup in this situation. In distributed group key administration methods, also known as the key agreement, all group members work together to develop and share the transportation encryption key for safe interactions (He et al., 2009). Although the centrally controlled group key administration techniques are simpler to set up for non-networks. A bottleneck and a single point of breakdown are thought to exist in the KS. The procedure of upgrading keys requires lesser bandwidth when using decentralized group key administration methods. Although decentralized group key administration methods are convoluted and less flexible, they might be the best course of action for MANET because they do away with bottleneck and single point of failure issues in addition to the "1 impacts n" phenomenon. An energy-efficient routing protocol using group key management and asymmetric key cryptography was proposed by Bondada et al. (2022). Performance analyses showed that the proposed protocol outperforms competitive protocols in terms of EED, PDR, throughput, and energy consumption by up to 3.6872%. Yadava et al. (2021) presented a new group key management protocol called ALMS, which has been implemented and tested against existing protocols.
The results show that ALMS is more scalable than other protocols, with low computational overhead for both the TA and receiving vehicles, and does not suffer from key distribution limitations. ALMS outperforms CGKD and CGKMS with 99% and 98% lower average computational cost and is 24 and 51 times faster than VGKM with 128-bit key size for group key computation when group size is 20, and the number of registered vehicles equals 200 and 500, respectively. ALMS with double key size performs 496K and 132K times faster than CGKD and CGKMS, respectively. Mansour et al. (2021) proposed an efficient centralized group key distribution (CGKD) protocol that minimizes the computation cost of the key server (KS) during key updating. The proposed scheme is implemented in JAVA and tested on a computer with an Intel Core i5 processor, 4 GB RAM, and 1000 GB HDD running Windows-8 OS. The proposed protocol outperforms existing similar protocols by significantly reducing the computation and storage complexity of the KS while maintaining less and balanced communication overhead of the KS and storage load of each group member. The protocol is also extended based on a clustered tree that is very scalable and efficient to handle enormous membership changes

Results and Discussions
Group key management protocols (GKMP) are based on multicast cryptography to establish secure channels among nodes in highly dynamic networks, such as MANET or VANETs. In this paper, GKMP is categorized and reviewed into two types: one is symmetric GKMP and asymmetric GKMP. Symmetric GKMP is the protocol that use the secret key for both transmission and retrieval. Whereas in Asymmetric GKMPs, a pair of keys are used i.e., public and private keys. There are significant research contributions for designing symmetric as well as asymmetric GKMPs. Some of them are contributed in below table 1. The table summarizes various key management protocols and their characteristics such as GKMP type, network type, pre-key distribution, communication overhead, forward secrecy, backward secrecy, and collusion attack. The protocols are divided into symmetric and asymmetric types, and centralized and distributed network types. The table also indicates if the protocols provide forward and backward secrecy and protection against collusion attacks. Pre-key distribution is used in all protocols listed, and some protocols have low overhead, while others have high overhead. According to study presented in the table some current research gaps are presented in fig 3. From table 1, the following points are concluded:  Most of the algorithms are centralized and require pre-key distribution.  Asymmetric GKMPs are better to adopt as they are more secure.  Computational overhead needs to be reduced.  More attack needs to be explored.

Conclusion
In this article, we propose a group key management strategy for protected group connectivity in non-networks, like as MANETs and VANET, that guarantees verification, text integrity, known-key security, forward and backward secretiveness, as well as the fully functioning properties of no trustable vendor, receiver non-restriction, and certificate modifiability and dynamic nature. To demonstrate the effectiveness of security algorithms in nonnetworks, the paper has presented a meta-analysis on group key management protocols for nonnetworks such as MANET or VANETs. The paper also presented the recent contributions and Routing Security and Serviceability

Inter-Networking Complexities Energy Utilization
Multicasting Location-aided Routing research works with their key features that will direct future researchers to design safe, secure, and efficient communication models for non-networks. Based on result analysis presented, it was concluded that existing GKMPs rely heavily on pre-key distribution, which can be exploited by attackers. Asymmetric GKMPs have been found to be more secure than symmetric ones. However, this may increase computational overhead, which requires further investigation. Therefore, researchers should aim to develop GKMPs that balance security with computational efficiency. Future research should aim to address the limitations of centralized, symmetric algorithms and instead focus on developing decentralized, asymmetric approaches that balance security and computational efficiency.