论文信息 - A New Security Architecture for Personal Networks and Its Performance Evaluation

A New Security Architecture for Personal Networks and Its Performance Evaluation

The concept of personal networks is very user-centric and representative for the next generation networks. However, the present security mechanism does not consider at all what happens whenever a mobile node (device) is compromised, lost or stolen. Of course, a compromised, lost or stolen mobile node (device) is a main factor to leak stored secrets. This kind of leakage of stored secrets remains a great danger in the field of communication security since it can lead to the complete breakdown of the intended security level. In order to solve this problem, we propose a 3-way Leakage-Resilient and Forward-Secure Authenticated Key Exchange (3LRFS-AKE) protocol and its security architecture suitable for personal networks. The 3LRFS-AKE protocol guarantees not only forward secrecy of the shared key between device and its server as well as providing a new additional layer of security against the leakage of stored secrets. The proposed security architecture includes two different types of communications: PN wide communication and communication between P-PANs of two different users. In addition, we give a performance evaluation and numerical results of the delay generated by the proposed security architecture.

SeongHan Shin | Kazukuni Kobara | Neeli R. Prasad | Hideki Imai | Hanane Fathi

[1] SeongHan Shin,et al. A Simple Leakage-Resilient Authenticated Key Establishment Protocol, Its Extensions, and Applications , 2005, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[2] Whitfield Diffie,et al. New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[3] Sarvar Patel,et al. Number theoretic attacks on secure password schemes , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[4] Christos Politis,et al. MAGNET secure service discovery architecture , 2005 .

[5] Yacine Rebahi,et al. Implementation and evaluation of the network level security architecture , 2005 .

[6] Martin Jacobsson,et al. Overall secure PN architecture , 2005 .

[7] Lars Richter,et al. Untersuchung und Bewertung von Netzzugangssteuerungen auf Basis des Standards 802.1x (Port-Based Network Access Control) , 2005 .

[8] Christos Politis,et al. Personal network security architecture , 2005 .

[9] Thomas D. Wu. The Secure Remote Password Protocol , 1998, NDSS.

[10] Mihir Bellare,et al. Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[11] SeongHan Shin,et al. An Authentication and Key Exchange Protocol for Secure Credential Services , 2006, ISC.

[12] SeongHan Shin,et al. Leakage-Resilient Authenticated Key Establishment Protocols , 2003, ASIACRYPT.

[13] Bernard Aboba,et al. Extensible Authentication Protocol (EAP) , 2004, RFC.