A new authentication protocol for revocable anonymity in ad-hoc networks

This paper describes a new protocol for authentication in ad-hoc networks. The protocol has been designed to meet specialized requirements of ad-hoc networks, such as lack of direct communication between nodes or requirements for revocable anonymity. At the same time, an ad-hoc authentication protocol must be resistant to spoofing, eavesdropping and playback, and man-in-the-middle attacks. The article analyzes existing authentication methods based on the Public Key Infrastructure, and finds that they have several drawbacks in ad-hoc networks. Therefore, a new authentication protocol, based on established cryptographic primitives (Merkle's puzzles and zero-knowledge proofs), is proposed. The protocol is studied for a model ad-hoc chat application that provides private conversations.
