A distributed key establishment scheme for wireless mesh networks using identity-based cryptography

In this paper, we propose a secure and efficient key establishment scheme designed with respect to the unique requirements of Wireless Mesh Networks. Our security model is based on Identity-based key establishment scheme without the utilization of a trusted authority for private key operations. Rather, this task is performed by a collaboration of users; a threshold number of users come together in a coalition so that they generate the private key. We performed simulative performance evaluation in order to show the effect of both the network size and the threshold value. Results show a tradeoff between resiliency and efficiency: increasing the threshold value or the number of mesh nodes also increases the resiliency but negatively effects the efficiency. For threshold values smaller than 8 and for number of mesh nodes in between 40 and 100, at least 90% of the mesh nodes can compute their private keys within at most 70 seconds. On the other hand, at threshold value 8, an increase in the number of mesh nodes from 40 to 100 results in 25% increase in the rate of successful private key generations

Broadcast Secret-Sharing, Bounds and Applications

Consider a sender ? and a group of n recipients. ? holds a secret message ? of length l bits and the goal is to allow ? to create a secret sharing of ? with privacy threshold t among the recipients, by broadcasting a single message ? to the recipients. Our goal is to do this with information theoretic security in a model with a simple form of correlated randomness. Namely, for each subset ? of recipients of size q, ? may share a random key with all recipients in ?. (The keys shared with different subsets ? must be independent.) We call this Broadcast Secret-Sharing (BSS) with parameters l, n, t and q. Our main question is: how large must ? be, as a function of the parameters? We show that (n-t)/q l is a lower bound, and we show an upper bound of ((n(t+1)/(q+t)) -t)l, matching the lower bound whenever t = 0, or when q = 1 or n-t. When q = n-t, the size of ? is exactly l which is clearly minimal. The protocol demonstrating the upper bound in this case requires ? to share a key with every subset of size n-t. We show that this overhead cannot be avoided when ? has minimal size. We also show that if access is additionally given to an idealized PRG, the lower bound on ciphertext size becomes (n-t)/q ? + l - negl(?) (where ? is the length of the input to the PRG). The upper bound becomes ((n(t+1))/(q+t) -t)? + l. BSS can be applied directly to secret-key threshold encryption. We can also consider a setting where the correlated randomness is generated using computationally secure and non-interactive key exchange, where we assume that each recipient has an (independently generated) public key for this purpose. In this model, any protocol for non-interactive secret sharing becomes an ad hoc threshold encryption (ATE) scheme, which is a threshold encryption scheme with no trusted setup beyond a PKI. Our upper bounds imply new ATE schemes, and our lower bound becomes a lower bound on the ciphertext size in any ATE scheme that uses a key exchange functionality and no other cryptographic primitives

Still Wrong Use of Pairings in Cryptography

Several pairing-based cryptographic protocols are recently proposed with a wide variety of new novel applications including the ones in emerging technologies like cloud computing, internet of things (IoT), e-health systems and wearable technologies. There have been however a wide range of incorrect use of these primitives. The paper of Galbraith, Paterson, and Smart (2006) pointed out most of the issues related to the incorrect use of pairing-based cryptography. However, we noticed that some recently proposed applications still do not use these primitives correctly. This leads to unrealizable, insecure or too inefficient designs of pairing-based protocols. We observed that one reason is not being aware of the recent advancements on solving the discrete logarithm problems in some groups. The main purpose of this article is to give an understandable, informative, and the most up-to-date criteria for the correct use of pairing-based cryptography. We thereby deliberately avoid most of the technical details and rather give special emphasis on the importance of the correct use of bilinear maps by realizing secure cryptographic protocols. We list a collection of some recent papers having wrong security assumptions or realizability/efficiency issues. Finally, we give a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page

On the Security of the Automatic Dependent Surveillance-Broadcast Protocol

Automatic dependent surveillance-broadcast (ADS-B) is the communications protocol currently being rolled out as part of next generation air transportation systems. As the heart of modern air traffic control, it will play an essential role in the protection of two billion passengers per year, besides being crucial to many other interest groups in aviation. The inherent lack of security measures in the ADS-B protocol has long been a topic in both the aviation circles and in the academic community. Due to recently published proof-of-concept attacks, the topic is becoming ever more pressing, especially with the deadline for mandatory implementation in most airspaces fast approaching. This survey first summarizes the attacks and problems that have been reported in relation to ADS-B security. Thereafter, it surveys both the theoretical and practical efforts which have been previously conducted concerning these issues, including possible countermeasures. In addition, the survey seeks to go beyond the current state of the art and gives a detailed assessment of security measures which have been developed more generally for related wireless networks such as sensor networks and vehicular ad hoc networks, including a taxonomy of all considered approaches.Comment: Survey, 22 Pages, 21 Figure