pTASC: trustable autonomous secure communications

The number of devices connected to the Internet has been increasing exponentially, and a substantial amount of data is exchanged among these connected devices. The convenience they bring spans multiple facets of everyday life, such as drivers reporting an accident through dash cams, patients monitoring their own health, and companies controlling the safety of their facilities. However, it is critical to increase the safety and privacy of the data generated and propagated by these devices. Previous works have focused mainly on device management and relied on centralized solutions, namely Public Key Infrastructure (PKI). This paper describes a novel mechanism that ensures secure autonomous communication between Internet of Things (IoT) devices while using a completely decentralized solution that mitigates the classical single-point-of-failure problem. This is accomplished by a new peer-to-peer protocol using Short Authentication Strings (SAS), in which verification is made through a Limited-Location Channel (LLC).
