Key Agreement in Peer-to-Peer Wireless Networks

We present a set of simple techniques for key establishment over a radio link in peer-to-peer networks. Our approach is based on the Diffie-Hellmankey agreement protocol, which is known to be vulnerable to the "man-in-the-middle" attack if the two users involved in the protocol do not share any authenticated information about each other (e.g., public keys, certificates, passwords,shared keys, etc.) prior to the protocol execution. In this paper, we solve the problem by leveraging on the natural ability of users to authenticate each other by visual and verbal contact. We propose three techniques. The first is based on visual comparison of short strings, the second on distance bounding, and the third on integrity codes; in each case, the users do not need to enter any password or other data, nor do they need physical or infrared connectivity between their devices. We base our analysis on a well-established methodology that leads us to a rigorous modularization and a thorough robustness proof of our proposal.

[1]  Srdjan Capkun,et al.  Mobility helps peer-to-peer security , 2006, IEEE Transactions on Mobile Computing.

[2]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[3]  Carl M. Ellison,et al.  Public-key support for group collaboration , 2003, TSEC.

[4]  Angelos D. Keromytis,et al.  Efficient, DoS-resistant, secure key exchange for internet protocols , 2001, CCS '02.

[5]  Dawn Song,et al.  Hash Visualization: a New Technique to improve Real-World Security , 1999 .

[6]  Hugo Krawczyk,et al.  A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract) , 1998, STOC '98.

[7]  Jaap-Henk Hoepman The Ephemeral Pairing Problem , 2004, Financial Cryptography.

[8]  Dan Harkins,et al.  The Internet Key Exchange (IKE) , 1998, RFC.

[9]  Craig Metz,et al.  A One-Time Password System , 1996, RFC.

[10]  Jean-Pierre Hubaux,et al.  Key agreement over a radio link , 2004 .

[11]  Brian D. Noble,et al.  Protecting File Systems with Transient Authentication , 2005, Wirel. Networks.

[12]  Frank Stajano,et al.  Security for Ubiquitous Computing , 2002, ICISC.

[13]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[14]  Markus Jakobsson,et al.  Security Weaknesses in Bluetooth , 2001, CT-RSA.

[15]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[16]  N. Asokan,et al.  Key agreement in ad hoc networks , 2000, Comput. Commun..

[17]  Voon Chin Phua,et al.  Wireless lan medium access control (mac) and physical layer (phy) specifications , 1999 .

[18]  David A. Wagner,et al.  Secure verification of location claims , 2003, WiSe '03.

[19]  Kaisa Nyberg,et al.  Enhancements to Bluetooth Baseband Security , 2007 .

[20]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[21]  Christian Gehrmann,et al.  Manual authentication for wireless devices , 2004 .

[22]  Dennis Kügler,et al.  "Man in the Middle" Attacks on Bluetooth , 2003, Financial Cryptography.

[23]  Robert J. Fontana Experimental Results from an Ultra Wideband Precision Geolocation System , 2002 .