Abstract. In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and eavesdroppers by blinding the identifiers. We complete the identity protection by offering location privacy with forwarding agents. To our knowledge, our privacy enhanced protocol is the first denial-of-service resistant two-round-trip key exchange protocol that offers identity protection for both communicating peers. 1

. The underlying belief and knowledge models assumed by various kinds of authentication protocols have been studied for well over 10 years now. On the other hand, the related question of the generic trust assumptions, which underlie the settings where the protocols are run, has received less attention. Furthermore, the notion of trust, as it is typically defined, has more been based on the formal model used than the real user requirements posed by the application context and the actual people using the system. In this paper, we approach that problem from the users' point of view. We briefly describe what are the psychological bases on which typical people build their trust assumptions on, and consider how these are reflected in a typical e-commerce setting today. Given this background, we proceed to contemplate how the systems could be made more trustworthy by explicitly representing the trust assumptions and requirements, and how these digital expressions of trust could be...

Abstract: Currently IP addresses are used both for node identifiers and topological location names in the Internet. The semantic overloading and non-cryptographic nature of IP addresses makes it impossible to use them as identifiers from the security point of view. The problem becomes even worse with multi-homed mobile nodes. Multi-homed mobile nodes have several interfaces bound to dynamically changing IP addresses. When a node changes its point of attachment to the network or it reroutes traffic fromone interface to another, the connection identifiers are changed. A peer node cannot verify the validity of the new identifiers without a naming trust relationship between the identifiers and the identity of the node. The peer must have evidence that an identifier belongs to a specific identity. Currently, there are no way for a node, using traditional IP addresses, to prove that it owns a specific address, i.e., an identifier. We present in this paper the philosophy behind separation of end-point identifiers from location names, which is an essential part in designing secure multi-homed mobility architectures.

Access control in modern computing environments is di#erent from access control in the traditional setting of operating systems.

Traditionally, smart cards have been used as secure tokens in identity based access control. That is, a smart card has been used as an intelligent storage of protected cryptographic information, such as a shared secret or a private key in a public key system. The cryptographic information is then used to prove the possession of the card in a secure way either locally or remotely over telecommunication links. In this paper we present a basis for another type of use for smart cards, where smart cards are not used as identification tokens but as authorization tokens. Our approach is based on SPKI-like authorization certificates along with ECDSA based public key cryptography. The ECDSA algorithms provide us the benefits of smaller key sizes, potentially better running times in software-only implementations, and the possibility to create new key pairs on the card in a reasonable time. The latter feature can be used, as we show, to provide additional protection to the user in the form of enh...

Wireless Local Area Networks (WLAN) are one of the most promising approaches for IP based mobile network access. In this paper, we present a security and accounting architecture for WLAN based public Internet access. Our scheme is based on the use of Simple Public Key Infrastructure (SPKI) certificates supporting all kinds of prepayment mechanisms. The architecture provides the possibility to grant fully anonymous Internet access for users while using strong cryptography in checking the access rights. As an example implementation of our concept, we describe an Internet cafe where the users buy Internet access time for their portable terminals together with other products. The access rights are presented as SPKI certificates and transferred to the users through an infrared link which is secure due to its locality. The user requesting the Internet access presents the required certificates through WLAN link to the access controller. Routing to the external Internet is granted if the acces...

This paper is an introduction to Attribute Certificates in X.509 Framework, the Privilege Management Infrastructure (PMI) and its relation to Public Key Infrastructure (PKI), concentrating on the work done by IETF Working Group PKIX, aiming at adapting PKI to the Internet.

Data sources in i-mediation, following property-based security policies, aim at supporting a wide range of potential clients, which are in general unknown in advance and may belong to heterogeneous and autonomous security domains. This raises the challenge how remote and autonomous entities can agree on a common understanding of certified properties, and other issues related to these properties (e.g. encoding formats). This paper proposes solutions that are based on secure i-mediation and a hybrid PKI model, which unifies X.509 and SPKI. We present a mediation functionality, called f-mediation. Secure f -mediation assists entities in finding partners for i-mediation and providing them with appropriate certificates and credentials. Thereby, among others, f -mediation deals with delegation and conversion of free properties into capability-like bound properties.

Abstract—The Host Identity Protocol (HIP) is an internetworking architecture and an associated set of protocols, developed at the IETF since 1999 and reaching their first stable version in 2007. HIP enhances the original Internet architecture by adding a name space used between the IP layer and the transport protocols. This new name space consists of cryptographic identifiers, thereby implementing the so-called identifier / locator split. In the new architecture, the new identifiers are used in naming application level end-points (sockets), replacing the prior identification role of IP addresses in applications, sockets, TCP connections, and UDP-based send and receive system calls. IPv4 and IPv6 addresses are still used, but only as names for topological locations in the network. HIP can be deployed such that no changes are needed in applications or routers. Almost all pre-compiled legacy applications continue to work, without modifications, for communicating with both HIP-enabled and non-HIP-enabled peer hosts. The architectural enhancement implemented by HIP has profound consequences. A number of the previously hard networking problems become suddenly much easier. Mobility, multi-homing, and baseline end-to-end security integrate neatly into the new architecture. The use of cryptographic identifiers allows enhanced accountability, thereby providing a base for easier build up of trust. With privacy enhancements, HIP allows good location anonymity, assuring strong identity only towards relevant trusted parties. Finally, the HIP protocols have been carefully designed to take middle boxes into account, providing for overlay networks and enterprise deployment concerns. This article provides an in-depth look at HIP, discussing its architecture, design, benefits, potential drawbacks, and ongoing work.

Many companies have designed and manufactured smart cards, which vary greatly in both the hardware they use and software development environments they provide. Java Card promises to make smart card programming easier, by introducing a common programming language and run--time environment. Also as a member of the Java family, Java Card raises up hopes of easy software portability from PCs to smart cards. Our work demonstrates, that this promise is not fulfilled in the majority of the cases because of different memory models. The portability of code from other JVMs to Java Card is an important issue, which requires, among other things, a systematic method of conserving memory on the card. In our work we developed such an approach by constructing variable interference graphs and graph coloring them to minimize the number of temporary variables. The concrete method is a modified register allocation approach, which has traditionally been used in compiler design. This is followed by numeric...