International Association for Cryptologic Research (IACR)
Abstract
For ubiquitous communication self-organising ad-hoc networks become
more and more important. We consider mobile phones as appropriate
secure gateways to provide access to the Internet for external
machines with low communication needs. A message-based approach is
best in such a scenario with moving mobile phones and machines. In
this paper we propose a security model for access control to the
communication infrastructure, which is also message oriented. To
meet the requirements of ubiquitously communicating machines, all
algorithms on the sender\u27s side are based on symmetric cryptography
resulting in low computation requirements. Our sophisticated
symmetric key infrastructure for access control is based on unique
combinations of keys and is completed with an effective key
management. This results in a carrier grade security level although
many parties share the same keys. Adopting the Subscriber Identity
Module as a secure storage and computing module achieves the
trustworthiness of the mobile phone. This makes it possible to use
the mobile phone not only as a user terminal but also as a trusted
infrastructure component of the mobile network.
This document is an update of earlier work [BWS07]
presented at the Workshop in Information Security Theory and
Practices 2007 in Crete, Greece
