3,973 research outputs found
Recommended from our members
A twoâstep authentication framework for Mobile ad hoc networks
The lack of fixed infrastructure in ad hoc networks causes nodes to rely more heavily on peer nodes for communication. Nevertheless, establishing trust in such a distributed environment is very difficult, since it is not straightforward for a node to determine if its peer nodes can be trusted. An additional concern in such an environment is with whether a peer node is merely relaying a message or if it is the originator of the message. In this paper, we propose an authentication approach for protecting nodes in mobile ad hoc networks. The security requirements for protecting data link and network layers are identified and the design criteria for creating secure ad hoc networks using several authentication protocols are analyzed. Protocols based on zero knowledge and challenge response techniques are presented and their performance is evaluated through analysis and simulation
Building Secure and Anonymous Communication Channel: Formal Model and its Prototype Implementation
Various techniques need to be combined to realize anonymously authenticated
communication. Cryptographic tools enable anonymous user authentication while
anonymous communication protocols hide users' IP addresses from service
providers. One simple approach for realizing anonymously authenticated
communication is their simple combination, but this gives rise to another
issue; how to build a secure channel. The current public key infrastructure
cannot be used since the user's public key identifies the user. To cope with
this issue, we propose a protocol that uses identity-based encryption for
packet encryption without sacrificing anonymity, and group signature for
anonymous user authentication. Communications in the protocol take place
through proxy entities that conceal users' IP addresses from service providers.
The underlying group signature is customized to meet our objective and improve
its efficiency. We also introduce a proof-of-concept implementation to
demonstrate the protocol's feasibility. We compare its performance to SSL
communication and demonstrate its practicality, and conclude that the protocol
realizes secure, anonymous, and authenticated communication between users and
service providers with practical performance.Comment: This is a preprint version of our paper presented in SAC'14, March
24-28, 2014, Gyeongju, Korea. ACMSAC 201
Introducing Accountability to Anonymity Networks
Many anonymous communication (AC) networks rely on routing traffic through
proxy nodes to obfuscate the originator of the traffic. Without an
accountability mechanism, exit proxy nodes risk sanctions by law enforcement if
users commit illegal actions through the AC network. We present BackRef, a
generic mechanism for AC networks that provides practical repudiation for the
proxy nodes by tracing back the selected outbound traffic to the predecessor
node (but not in the forward direction) through a cryptographically verifiable
chain. It also provides an option for full (or partial) traceability back to
the entry node or even to the corresponding user when all intermediate nodes
are cooperating. Moreover, to maintain a good balance between anonymity and
accountability, the protocol incorporates whitelist directories at exit proxy
nodes. BackRef offers improved deployability over the related work, and
introduces a novel concept of pseudonymous signatures that may be of
independent interest.
We exemplify the utility of BackRef by integrating it into the onion routing
(OR) protocol, and examine its deployability by considering several
system-level aspects. We also present the security definitions for the BackRef
system (namely, anonymity, backward traceability, no forward traceability, and
no false accusation) and conduct a formal security analysis of the OR protocol
with BackRef using ProVerif, an automated cryptographic protocol verifier,
establishing the aforementioned security properties against a strong
adversarial model
Revisiting Deniability in Quantum Key Exchange via Covert Communication and Entanglement Distillation
We revisit the notion of deniability in quantum key exchange (QKE), a topic
that remains largely unexplored. In the only work on this subject by Donald
Beaver, it is argued that QKE is not necessarily deniable due to an
eavesdropping attack that limits key equivocation. We provide more insight into
the nature of this attack and how it extends to other constructions such as QKE
obtained from uncloneable encryption. We then adopt the framework for quantum
authenticated key exchange, developed by Mosca et al., and extend it to
introduce the notion of coercer-deniable QKE, formalized in terms of the
indistinguishability of real and fake coercer views. Next, we apply results
from a recent work by Arrazola and Scarani on covert quantum communication to
establish a connection between covert QKE and deniability. We propose DC-QKE, a
simple deniable covert QKE protocol, and prove its deniability via a reduction
to the security of covert QKE. Finally, we consider how entanglement
distillation can be used to enable information-theoretically deniable protocols
for QKE and tasks beyond key exchange.Comment: 16 pages, published in the proceedings of NordSec 201
Recommended from our members
Secure & trusted communication in emergency situations
In this paper we propose SETS, a protocol with main aim to provide secure and private communication during emergency situations. SETS achieves security of the exchanged information, attack resilience and userâs privacy. In addition, SETS can be easily adapted for mobile devices, since field experimental results show the effectiveness of the protocol on actual smart-phone platforms
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh
network (WMN). Keeping in mind the critical requirement of security and user
privacy in WMNs, this chapter provides a comprehensive overview of various
possible attacks on different layers of the communication protocol stack for
WMNs and their corresponding defense mechanisms. First, it identifies the
security vulnerabilities in the physical, link, network, transport, application
layers. Furthermore, various possible attacks on the key management protocols,
user authentication and access control protocols, and user privacy preservation
protocols are presented. After enumerating various possible attacks, the
chapter provides a detailed discussion on various existing security mechanisms
and protocols to defend against and wherever possible prevent the possible
attacks. Comparative analyses are also presented on the security schemes with
regards to the cryptographic schemes used, key management strategies deployed,
use of any trusted third party, computation and communication overhead involved
etc. The chapter then presents a brief discussion on various trust management
approaches for WMNs since trust and reputation-based schemes are increasingly
becoming popular for enforcing security in wireless networks. A number of open
problems in security and privacy issues for WMNs are subsequently discussed
before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the
author's previous submission in arXiv submission: arXiv:1102.1226. There are
some text overlaps with the previous submissio
- âŠ