Key Establishment Using Secure Distance Bounding Protocols

Key establishment is one of the major challenges in wireless personal area networks, as traditional security mechanisms often do not cope with the dynamic characteristics of wireless ad-hoc networks. In this paper, we present an efficient key establishment protocol, based on the basic Diffie-Hellman protocol. It enables mutual device authentication through presence and establishes a session key between personal mobile devices which do not yet share any authenticated cryptographic material. Distance bounding protocols, which have been introduced by Brands and Chaum at Eurocrypt'93 to preclude distance fraud and mafia fraud attacks, are employed to determine an upper- bound on the distance to another entity. Our solution only requires limited user-interaction: the user of a mobile device is expected to perform a visual verification within a small physical space.

[1]  Michael Sirivianos,et al.  Loud and Clear: Human-Verifiable Authentication Based on Audio , 2006, 26th IEEE International Conference on Distributed Computing Systems (ICDCS'06).

[2]  Diana K. Smetters,et al.  Talking to Strangers: Authentication in Ad-Hoc Wireless Networks , 2002, NDSS.

[3]  Alfred Menezes,et al.  Elliptic curve public key cryptosystems , 1993, The Kluwer international series in engineering and computer science.

[4]  Bart Preneel,et al.  Distance Bounding in Noisy Environments , 2007, ESAS.

[5]  Christian Gehrmann,et al.  Manual authentication for wireless devices , 2004 .

[6]  Michael K. Reiter,et al.  Seeing-is-believing: using camera phones for human-verifiable authentication , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[7]  Srdjan Capkun,et al.  SECTOR: secure tracking of node encounters in multi-hop wireless networks , 2003, SASN '03.

[8]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[9]  Jaap-Henk Hoepman Ephemeral Pairing on Anonymous Networks , 2005, SPC.

[10]  Jaap-Henk Hoepman The Ephemeral Pairing Problem , 2004, Financial Cryptography.

[11]  Srdjan Capkun,et al.  Key Agreement in Peer-to-Peer Wireless Networks , 2006, Proceedings of the IEEE.

[12]  Bart Preneel,et al.  Location verification using secure distance bounding protocols , 2005, IEEE International Conference on Mobile Adhoc and Sensor Systems Conference, 2005..

[13]  David Chaum,et al.  Distance-Bounding Protocols (Extended Abstract) , 1994, EUROCRYPT.

[14]  Paramvir Bahl,et al.  RADAR: an in-building RF-based user location and tracking system , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).

[15]  Tim Kindberg,et al.  Validating and Securing Spontaneous Associations between Wireless Devices , 2003, ISC.

[16]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[17]  Ingrid Verbauwhede,et al.  The energy cost of secrets in ad-hoc networks , 2002 .

[18]  Markus G. Kuhn,et al.  So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks , 2006, ESAS.

[19]  N. Asokan,et al.  Secure device pairing based on a visual channel , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[20]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[21]  C. Gehrmann,et al.  Security in personal area networks , 2004 .

[22]  Frank Stajano,et al.  The Resurrecting Duckling - What Next? , 2000, Security Protocols Workshop.

[23]  Bart Preneel,et al.  Improved Pairing Protocol for Bluetooth , 2006, ADHOC-NOW.