Unbalancing Pairing-Free Identity-Based Authenticated Key Exchange Protocols for Disaster Scenarios

In disaster scenarios, such as an area after a terrorist attack, security is a significant problem because communications carry information for the rescue officers (such as police, military personnel, and emergency medical technicians) and the survivors. Such information is critically important for the rescue organizations, and the privacy of the survivors must be protected. Normally, authenticated key exchange (AKE) is an underlying approach for security. However, available AKE protocols are either inconvenient or infeasible in disaster areas due to the very nature of disasters. To address the security problem in disaster scenarios, we propose two pairing-free identity-based AKE (ID-AKE) protocols that place unbalanced computational requirements on the two parties. Compared with existing AKE protocols, the proposed protocols have a number of advantages in disaster scenarios: 1) they are more convenient than symmetric cryptography-based AKE protocols since they do not require any preshared secret between the parties; 2) they are more feasible than asymmetric cryptography-based AKE protocols since they do not require any online server; and 3) they are friendlier to battery-powered and computationally limited devices than pairing-based and pairing-free ID-AKE protocols since they do not involve any bilinear pairing (a time-consuming operation) and place a lower computational requirement on the limited party. The security of the proposed protocols is analyzed in detail, and prototypes are implemented to evaluate their performance. We also illustrate the application of the protocols through a vivid use case in a terrorist attack scenario.
