Identity crisis: on the problem of namespace design for ID-PKC and MANETs

In this paper, we explore the ‘interface’ between identity-based public key cryptography (ID-PKC) and mobile ad hoc networks (MANETs). In particular, we examine the problem of naming and namespace design in an identity-based key infrastructure (IKI). We examine the potential impact that different types of identifiers may have on the utility of ad hoc networks where an IKI provides the underlying key infrastructure. We also highlight a number of open problems inherent in extending namespaces to allow inter-operability amongst heterogeneous trust domains. Copyright © 2009 John Wiley & Sons, Ltd.

[1]  Diana K. Smetters,et al.  Domain-Based Administration of Identity-Based Cryptosystems for Secure Email and IPSEC , 2003, USENIX Security Symposium.

[2]  Liqun Chen,et al.  Certification of Public Keys within an Identity Based System , 2002, ISC.

[3]  A. Fleischmann Distributed Systems , 1994, Springer Berlin Heidelberg.

[4]  Liqun Chen,et al.  Applications of Multiple Trust Authorities in Pairing Based Cryptosystems , 2002, InfraSec.

[5]  J. Noel Chiappa,et al.  The Nimrod Routing Architecture , 1996, RFC.

[6]  Tuomas Aura,et al.  Cryptographically Generated Addresses (CGA) , 2005, ISC.

[7]  Yvo Desmedt,et al.  Identity-based Key Infrastructures (IKI) , 2004, SEC.

[8]  Jürgen Quittek,et al.  Scalability analysis of the TurfNet naming and routing architecture , 2005, DIN '05.

[9]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[10]  Bryan Ford,et al.  Unmanaged Internet Protocol , 2004, Comput. Commun. Rev..

[11]  Vipul Goyal,et al.  Identity-based encryption with efficient revocation , 2008, IACR Cryptol. ePrint Arch..

[12]  Kenneth G. Paterson,et al.  Trusted computing: providing security for peer-to-peer networks , 2005, Fifth IEEE International Conference on Peer-to-Peer Computing (P2P'05).

[13]  Ross J. Anderson,et al.  Two remarks on public key cryptology , 2002 .

[14]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[15]  James Kempf Securing IPv6 Neighbor Discovery Using Address Based Keys (ABKs) , 2002 .

[16]  Guang Gong,et al.  Bootstrapping Security in Mobile Ad Hoc Networks Using Identity-Based Schemes with Key Revocation , 2006 .

[17]  FordBryan Unmanaged Internet Protocol , 2004 .

[18]  Nigel P. Smart,et al.  Identity-Based Encryption Gone Wild , 2006, ICALP.

[19]  Mihir Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2005, Journal of Cryptology.

[20]  Michael Kaminsky,et al.  SybilGuard: Defending Against Sybil Attacks via Social Networks , 2008, IEEE/ACM Transactions on Networking.

[21]  K. Cameron The Laws of Identity , 2005 .

[22]  Sape Mullender,et al.  Distributed systems , 1989 .

[23]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[24]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and CRL Profile , 1999, RFC.

[25]  Guido Appenzeller,et al.  Minimal-Overhead IP Security using Identity Based Encryption , 2002 .

[26]  Nigel P. Smart Access Control Using Pairing Based Cryptography , 2003, CT-RSA.

[27]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[28]  B.J. Matt Toward hierarchical identity-based cryptography for tactical networks , 2004, IEEE MILCOM 2004. Military Communications Conference, 2004..

[29]  Kenneth G. Paterson,et al.  Security and Anonymity of Identity-Based Encryption with Multiple Trusted Authorities , 2008, Pairing.

[30]  Liqun Chen,et al.  Identity based authenticated key agreement protocols from pairings , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..

[31]  Soumitra Sarkar,et al.  Global namespace for files , 2004, IBM Syst. J..

[32]  Mihaela Cardei,et al.  A Survey of Attacks and Countermeasures in Mobile Ad Hoc Networks , 2007 .

[33]  Adrian Perrig,et al.  Distributed detection of node replication attacks in sensor networks , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[34]  Steven M. Bellovin,et al.  On Many Addresses per Host , 1994, RFC.

[35]  Kenneth G. Paterson,et al.  A comparison between traditional public key infrastructures and identity-based cryptography , 2003, Inf. Secur. Tech. Rep..

[36]  Elizabeth M. Belding-Royer,et al.  A secure routing protocol for ad hoc networks , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[37]  Peter Gutmann,et al.  PKI: It's Not Dead, Just Resting , 2002, Computer.

[38]  Loren M. Kohnfelder,et al.  Towards a practical public-key cryptosystem. , 1978 .

[39]  Carl M. Ellison Improvements on Conventional PKI Wisdom , 2002 .

[40]  Robert Tappan Morris,et al.  Security Considerations for Peer-to-Peer Distributed Hash Tables , 2002, IPTPS.

[41]  Donald E. Eastlake,et al.  Domain Name System Security Extensions , 1997, RFC.

[42]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[43]  Jim Basney,et al.  On the Risks of IBE , 2006 .

[44]  Yuguang Fang,et al.  AC-PKI: anonymous and certificateless public-key infrastructure for mobile ad hoc networks , 2005, IEEE International Conference on Communications, 2005. ICC 2005. 2005.

[45]  David D. Clark,et al.  FARA: reorganizing the addressing architecture , 2003, FDNA '03.