MICSS: A Realistic Multichannel Secrecy Protocol

Flaws in cryptosystem implementations, such as the Heartbleed bug, render common confidentiality mechanisms ineffective. Defending in depth when this happens would require a different means of providing confidentiality, which could then be layered with existing cryptosystems. This paper presents MICSS, a network protocol which uses multichannel secret sharing rather than encryption to protect data confidentiality. The MICSS protocol ensures perfect secrecy against an (n-1)-channel attacker and operates at line speed in a three-channel throughput benchmark. MICSS provides a practical means of securing network communications, and it layers seamlessly with cryptosystems to mitigate the effects of implementation flaws.

[1]  A. W. Roscoe,et al.  Authentication protocols based on low-bandwidth unspoofable channels: A comparative survey , 2011, J. Comput. Secur..

[2]  Mark Handley,et al.  TCP Extensions for Multipath Operation with Multiple Addresses , 2020, RFC.

[3]  Marcelo Bagnulo,et al.  Threat Analysis for TCP Extensions for Multipath Operation with Multiple Addresses , 2011, RFC.

[4]  Sugata Sanyal,et al.  A Novel Multipath Approach to Security in Mobile Ad Hoc Networks (MANETs) , 2011, ArXiv.

[5]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[6]  Bernt Schiele,et al.  Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts , 2001, UbiComp.

[7]  Srdjan Capkun,et al.  Key Agreement in Peer-to-Peer Wireless Networks , 2006, Proceedings of the IEEE.

[8]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[9]  Frank Stajano,et al.  Multi-channel Protocols , 2005, Security Protocols Workshop.

[10]  Frank Stajano,et al.  Multichannel Security Protocols , 2007, IEEE Pervasive Computing.

[11]  Hirosuke Yamamoto On secret sharing communication systems with two or three channels , 1986, IEEE Trans. Inf. Theory.

[12]  Michael K. Reiter,et al.  Seeing-is-believing: using camera phones for human-verifiable authentication , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[13]  Kaisa Nyberg,et al.  Enhancements to Bluetooth Baseband Security , 2007 .

[14]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[15]  Ross J. Anderson Why cryptosystems fail , 1994, CACM.

[16]  G. R. BLAKLEY Safeguarding cryptographic keys , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[17]  Jaap-Henk Hoepman The Ephemeral Pairing Problem , 2004, Financial Cryptography.

[18]  Yuguang Fang,et al.  A multipath routing approach for secure data delivery , 2001, 2001 MILCOM Proceedings Communications for Network-Centric Operations: Creating the Information Force (Cat. No.01CH37277).

[19]  Randall R. Stewart,et al.  Stream Control Transmission Protocol , 2000, RFC.

[20]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[21]  G. R. Blakley One time Pads are Key Safegaurding Schemes, not Cryptosystems. Fast Key Safeguarding Schemes (Threshold Schemes) Exist. , 1980, 1980 IEEE Symposium on Security and Privacy.