Deriving Ephemeral Authentication Using Channel Axioms
As computing and computer networks become more and more intertwined with our daily lives, the need to develop flexible and on-the-fly methods for authenticating people and their devices to each other has become increasingly pressing. Traditional methods for providing authentication have relied on very weak assumptions about communication channels, and very strong assumptions about secrecy and the availability of trusted authorities. The resulting protocols rely on infrastructures such as shared secrets and public key hierarchies that are too rigid to support the type of flexible ad-hoc communication we are growing accustomed to and beginning to rely upon.
Recently, different families of protocols allow us to weaken assumptions about trusted infrastructure by strengthening the assumptions about communication channels. Examples include proximity verification protocols, that rely, for example, on the round trip time of a challenge and response; and bootstrapping protocols that rely upon human-verifiable channels, that is, low-bandwidth communication between humans. The problem now becomes: How do we ensure that the protocols are achieve their security goals? A vast amount of literature exists on the formal analysis of cryptographic protocols, and mathematical foundations of protocol correctness, but almost all of it relies upon the standard assumptions about the channels in end-to-end, and so its usefulness for nonstandard channels in pervasive networks is limited. In this paper, we present some initial results of an effort towards a formalizing the reasoning about the security of protocols over nonstandard channels.
KeywordsMobile Node Smart Card Network Node Authentication Protocol Security Protocol
Unable to display preview. Download preview PDF.
- 3.Brands, S., Chaum, D.: Distance Bounding Protocols. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)Google Scholar
- 5.Čapkun, S., Hubaux, J.P.: Secure positioning in wireless networks. IEEE Journal on Selected Areas in Communication 24(2) (February 2006)Google Scholar
- 6.Cervesato, I., Meadows, C., Pavlovic, D.: An encapsulated authentication logic for reasoning about key distribution protocols. In: Guttman, J. (ed.) Proceedings of CSFW 2005, pp. 48–61. IEEE (2005)Google Scholar
- 8.Creese, S., Goldsmith, M., Roscoe, A.W., Zakiuddin, I.: The attacker in ubiquitous computing environments: Formalizing the threat model. In: Proc. FAST 2003, pp. 83–97 (2003)Google Scholar
- 9.Datta, A., Derek, A., Mitchell, J., Pavlovic, D.: A derivation system and compositional logic for security protocols. J. of Comp. Security 13, 423–482 (2005)Google Scholar
- 10.Desmedt, Y.: Major security problems with the ‘unforgeable’ Feige-Shamir proofs of identity and how to overcome them. In: Proc. Securicom 1988 (1988)Google Scholar
- 16.Meadows, C., Poovendran, R., Pavlovic, D., Syverson, P., Chang, L.: Distance bounding protocols: Authentication logic and collusion attacks. In: Poovendran, R., Wang, C., Roy, S. (eds.) Secure Localization and Time Synchronization in Wireless Ad Hoc and Sensor Networks, pp. 279–298. Springer (2007)Google Scholar
- 17.Meadows, C., Syverson, P., Chang, L.: Towards more efficient distance bounding protocols. In: SecureComm 2006 (August 2006)Google Scholar
- 18.Mink, A., Ma, L., Nakassis, T., Xue, H., Slatter, O., Hershman, B., Tang, X.: A quantum network manager that supports a one-time pad stream. In: Pro. 2nd International Conference on Quantum, Nano, and Micro Technology (February 2008)Google Scholar
- 20.Nguyen, L.H.: Authentication protocols based on low-bandwidth unspoofable channels: a survey (2008), http://web.comlab.ox.ac.uk/people/Long.Nguyen/
- 23.Pavlovic, D., Meadows, C.: Deriving authentication for pervasive security. In: McLean, J. (ed.) Proceedings of ISTPS 2008. ACM (2008)Google Scholar
- 25.Schaller, P., Schmidt, B., Basin, D., Čapkun, S.: Modeling and verifying physical properties of security protocols for wireless networks (April 2008)Google Scholar
- 26.Singleé, D., Preneel, B.: Location verification using secure distance bounding protocols. In: International Workshop on Wireless and Sensor Network Security. IEEE Computer Society Press (2005)Google Scholar
- 27.Tippenhauer, N., Rasmussen, K., Popper, C., Čapkun, S.: iPhone and iPod location spoofing attacks (2008), http://www.syssec.ch/press/location-spoofing-attacks-on-the-iphone-and-ipod
- 28.Vaudenay, S.: Secure Communications over Insecure Channels Based on Short Authenticated Strings. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 309–326. Springer, Heidelberg (2005)Google Scholar
- 29.Wong, F.L., Stajano, R.: Multichannel security protocols. IEEE Pervasive Computing 6(4) (December 2007)Google Scholar