1 / 18

Talking to Strangers: Authentication in Ad-Hoc Wireless Networks

Talking to Strangers: Authentication in Ad-Hoc Wireless Networks. Dirk Balfanz 외 2 명 in Xerox Palo Alto Research Center Presentation: Lee Youn-ho. Contents. Introduction Preliminary Two-Party Protocols Group Key Exchange Protocol Conclusion. Introduction(1/4). A situation

borka
Download Presentation

Talking to Strangers: Authentication in Ad-Hoc Wireless Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Talking to Strangers: Authentication in Ad-Hoc Wireless Networks Dirk Balfanz 외 2명 in Xerox Palo Alto Research Center Presentation: Lee Youn-ho

  2. Contents • Introduction • Preliminary • Two-Party Protocols • Group Key Exchange Protocol • Conclusion

  3. Introduction(1/4) • A situation • A man want to print a sensitive document in his wireless email device • Printer is near and only wireless medium is in use • No other printer/users can learn his document • What to do • Let email device know the specified printer • Guarantee email device actually talking to the intended printer • Email device and printer communicate securely

  4. Introduction(2/4) • Public Key Infrastructure Solution • Certificate of printer issuing trusted authority exists • Key exchange procedure between printer and email device is possible • Problems • Constructing universal naming space needed • Every printer must have unique name • Every printer must have certificate issued by trusted authority

  5. Introduction(3/4) • Propose a cheaper and secure and user-friendly solution • Using localness of networks • Location-limited channels can be established • Simple identification is possible (Demonstrative identification) • Exchanging small amount of cryptographic information is possible (Pre-authentication)

  6. Introduction(4/4) • Examples • Location limited channels and demonstrative identification and pre-authentication • Authentication and communication in main medium

  7. Doing Common Authentication Procedure (SSL, IKEKE) Eavesdropper can see it but active attack is detected Demonstrative identification possible Preliminaries Wireless Medium Location Limited Channel Printer Email Device1 Exchanging the commitment of public key information (Preauthentication)

  8. Address of B Hashed result of Public key of B (using SHA-1 , etc.) Address of A Hashed result of Public key of A (using SHA-1 , etc.) TLS_CLIENT Hello Message (After common SSL/TLS procedure) Two-Party Protocols(1/5) * Basic Protocol Wireless Medium Printer(B) Email Device(A) Location Limited Channel

  9. Address of B Hashed result of Public key of B Encryption of secret information A using public key of B Public key of B Address of A and Hashed result of secret information A Two-Party Protocols(2/5) * Single Public Key Protocol - Only one device has strong computational power Wireless Medium Printer(B) Email Device(A)

  10. Two-Party Protocols(3/5) • Interactive Guy Fawkes Protocol • In case • Both devices have poor computational power • Location limited channels do not permit exchanging secret data • Provides only authentication and integrity protection of data

  11. Two-Party Protocols(4/5) a1 = h(A1,h(X2),X1), h(X1) Round 0 (Pre-authentication) (Location limited channel) b1 = h(B1,h(Y2),Y1), h(Y1) h(b1,X1) h(a1,Y1) A1, h(X2),X1,a2=h(A2,h(X2),X1), Round 1 (After using wireless channel) B1, h(Y2),Y1,b2=h(B2,h(Y3),Y2) h(b2,X2) h(a2,Y2) h(a1,..): one-way hash result of concatenating a1,… Xi,Yi : randomly generated data Ai,Bi : meaningless data Ai,Bi : meaningful data A B

  12. Two-Party Protocols(5/5) A2, h(X3),X2,a3=h(A3,h(X4),X3) Round 2 B2, h(Y3),Y2,b3=h(B3,h(Y4),Y3) h(b3,X3) h(a3,Y3) A3, h(X4),X3,a4=h(A4,h(X5),X4), Round 3 B3, h(Y4),Y3,b2=h(B4,h(Y5),Y4) h(b4,X4) h(a4,Y4) h(a1,..): one-way hash result of concatenating a1,… Xi,Yi : randomly generated data Ai,Bi : meaningless data Ai,Bi : meaningful data A B

  13. Group Key Exchange Protocol(1/5) • Some applications need broadcast capability • Audio/Video service, etc. • Network games • Conferencing software • Authentication and secure key exchange protocols for group communication • Using location-limited channel • Using pre-authentication scheme • Group manager existing/non-existing case

  14. Group Key Exchange Protocol(2/5) * Centrally Managed Group Case Group member’s response After authentication and key-exchange, Broadcast encrypted data Broadcast pre-authentication information

  15. Group Key Exchange Protocol(3/5) • Unmanaged group case • Problems of centrally managed group case • Group manager can be the single point of attack • Group manager is trusted generating and distributing group key • using distinguished trusted party • Not compatible with many applications • Leaving group manager is not easy

  16. Group Key Exchange Protocol(4/5) • Unmanaged group case (cont’d) • Procedure • Using two-party Diffie-Hellman • Key Exchange with someone in the group • Get the group key to the someone

  17. Broadcast public key and ID of A Send PROTOCOL_MSG_1 A,B B Broadcast Address of A and Hashed result of public key A Group Key Exchange Protocol(5/5) Wireless Medium Group A Location limited channel

  18. Conclusion • In this paper • Propose new schemes for peer to peer authentication in ad-hoc wireless networks • Use of novel location-limited channels • Concrete pre-authentication protocol • Group communication provides • With no-reliance on PKI

More Related