Advertisement

Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties

  • Jari Arkko
  • Pekka Nikander
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2845)

Abstract

This paper discusses “weak authentication” techniques to provide cryptographically strong authentication between previously unknown parties without relying on trusted third parties.

Keywords

Session Initiation Protocol Successful Attack Mobile IPv6 IPv6 Address Host Identity Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Stajano, F., Anderson, R.: The resurrecting duckling: What next? In: 8th International Workshop on Security Protocols, Cambridge, UK (2000)Google Scholar
  2. 2.
    Anderson, R.: Why information security is hard - an economic perspective. In: Proceedings of the 17th Annual Computer Security Applications Conference (December 2001)Google Scholar
  3. 3.
    Arkko, J., Aura, T., Kempf, J., Mantyla, V.-M., Nikander, P., Roe, M.: Securing IPv6 Neighbour Discovery (2002) (unpublished manuscript) (submitted for publication)Google Scholar
  4. 4.
    Bernstein, D.J.: Syn flooding (1996), http://cr.yp.to/syncookies/idea
  5. 5.
    Beth, T., Borcherding, M., Klein, B.: Valuation of trust in open networks. In: Gollmann, D. (ed.) ESORICS 1994. LNCS, vol. 875. Springer, Heidelberg (1994)Google Scholar
  6. 6.
    Gehrmann, C., Nyberg, K., Mitchell, C.J.: The personal CA - PKI for a Personal Area Network. In: IST Mobile Summit 2002 (2002)Google Scholar
  7. 7.
    Josang, A.: Trust-based decision making for electronic transactions. In: Yngstrom, L., Svensson, T. (eds.) Proceedings of the Fourth Nordic Workshop on Secure IT Systems (NORDSEC 1999), Stockholm University Report 99–005 (1999)Google Scholar
  8. 8.
    Lloyd, W.F.: Two lectures on the checks to population. Oxford University Press, Oxford (1833)Google Scholar
  9. 9.
    Moskowitz, R.: Host Identity Payload and Protocol. IETF (November 2001) (work In Progress), Internet Draft draftmoskowitz-hip-05.txt
  10. 10.
    Moskowitz, R.: Host identity payload architecture. IETF (February 2001) (work in Progress), Internet Draft (expired) http://klovia.htt-consult.com/draft-moskowitz-hip-arch-02.txt
  11. 11.
    Moskowitz, R.: Host Identity Protocol implementation. IETF (February 2001) (work In Progress), Internet Draft (expired) http://klovia.htt-consult.com/draft-moskowitz-hip-impl-01.txt
  12. 12.
    Nikander, P.: Denial-of-service, address ownership, and early authentication in the IPv6 world (April 2001)Google Scholar
  13. 13.
    Nikander, P., Perkins, C.: Binding authentication key establishment protocol for Mobile IPv6. IETF (July 2001) (work In Progress), Internet Draft http://draft-perkins-bake-01.txt
  14. 14.
    Nordmark, E.: Securing MIPv6 BUs using return routability (BU3WAY). IETF (November 2001) (Work In Progress), Internet Draft http://draft-nordmark-mobileip-bu3way-00.txt
  15. 15.
    O’Shea, G., Roe, M.: Child-proof authentication for MIPv6 (CAM). Computer Communications Review (April 2001)Google Scholar
  16. 16.
    Richardson, M., Redelmeier, D., Spencer, H.: A method for doing opportunistic encryption with IKE (October 2001)Google Scholar
  17. 17.
    Roe, M., O’Shea, G., Aura, T., Arkko, J.: Authentication of Mobile IPv6 binding updates and acknowledgments. IETF (February 2002) (Work In Progress), Internet Draft http://draft-roe-mobileipupdateauth-02.txt
  18. 18.
    Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.: SIP: Session Initiation Protocol. IETF (February 2002) (Work In Progress), Internet Draft http://draft-ietf-sip-rfc2543bis-09.txt
  19. 19.
    Stajano, F., Anderson, R.: The resurrecting duckling: Security issues for ad-hoc wireless networks. In: 7th International Workshop on Security Protocols, Cambridge, UK (1999)Google Scholar
  20. 20.
    Varian, H.R.: Managing online security risks. The New York Times (June 2000)Google Scholar
  21. 21.
    Yahalom, R., Klein, B., Beth, T.: Trust relationships in secure systems - a distributed authentication perspective. In: Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy, pp. 150–164 (1993)Google Scholar
  22. 22.
    Ylonen, T., Kivinen, T., Saarinen, M., Rinne, T., Lehtinen, S.: SSH protocol architecture. IETF (January 2002) (Work In Progress), Internet Draft http://draft-ietf-secsh-architecture-12.txt

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Jari Arkko
    • 1
  • Pekka Nikander
    • 1
  1. 1.Ericsson Research NomadicLabJorvasFinland

Personalised recommendations