Ephemeral Pairing on Anonymous Networks

The ephemeral pairing problem requires two or more specific physical nodes in a wireless broadcast network, that do not yet know each other, to establish a short-term relationship between them. Such short-lived pairings occur, for example, when one pays at a check-out using a wireless wallet. This problem is equivalent to the ephemeral key exchange problem, where one needs to establish a high-entropy shared session key between two nodes given only a low bandwidth authentic (or private) communication channel between the pair, and a high bandwidth shared broadcast channel. We study this problem for truly anonymous broadcast networks, discuss certain impossible scenarios and present several protocols depending on the type of communication channel between the nodes.

[1]  Rafail Ostrovsky,et al.  Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords , 2001, EUROCRYPT.

[2]  Christian Gehrmann,et al.  Manual authentication for wireless devices , 2004 .

[3]  Victor Shoup,et al.  On Formal Models for Secure Key Exchange , 1999, IACR Cryptol. ePrint Arch..

[4]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[5]  Stefan Lucks,et al.  Open Key Exchange: How to Defeat Dictionary Attacks Without Encrypting Public Keys , 1997, Security Protocols Workshop.

[6]  David P. Jablon Strong password-only authenticated key exchange , 1996, CCRV.

[7]  William Feller,et al.  An Introduction to Probability Theory and Its Applications , 1951 .

[8]  Flemming Nielson,et al.  Security for Mobility , 2002, FOSAD.

[9]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[10]  Steven M. Bellovin,et al.  Encrypted key exchange: password-based protocols secure against dictionary attacks , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[11]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[12]  Yehuda Lindell,et al.  A Framework for Password-Based Authenticated Key Exchange , 2003, EUROCRYPT.

[13]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[14]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[15]  Jaap-Henk Hoepman The Ephemeral Pairing Problem , 2004, Financial Cryptography.

[16]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[17]  Feller William,et al.  An Introduction To Probability Theory And Its Applications , 1950 .

[18]  C. Gehrmann,et al.  Security in personal area networks , 2004 .

[19]  Dan Boneh,et al.  The Decision Diffie-Hellman Problem , 1998, ANTS.

[20]  Sarvar Patel,et al.  Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.