. We analyse several well-known key establishment protocols for mobile communications. The protocols are examined with respect to their security and suitability in mobile environments. In a number of cases weaknesses are pointed out, and in many cases refinements are suggested, either to improve the efficiency or to allow simplified security analysis. 1 Introduction Security is a critical issue in mobile radio applications, both for the users and providers of such systems. Although the same may be said of all communications systems, mobile applications have special requirements and vulnerabilities, and are therefore of special concern. Once a call has been set up by establishing various security parameters, the problem is reduced to that of employing appropriate cryptographic algorithms to provide the required security services. The most important problem is undoubtedly that of designing protocols for authentication and key management as part of the call set-up process; security-criti...

In this paper, we focus our attention on the problem of assigning initial secrets to users in adhoc network (respectively, sensors in a sensor network) so that they can use those secrets to ensure authentication and privacy during their communication. The goal of this assignment is to ensure that any two users can communicate securely with each other even though each user maintains only a small number of secrets. With this motivation, we present a protocol that maintains O ( √ n) secrets per user where n is the number of users in the system. We show that our secret distribution protocol suffices for privacy and authentication as well as secure multihop communication between two users. Furthermore, we show that the number of secrets maintained in this protocol is within a constant factor of the optimal. For the case where user capability prevents them from maintaining the necessary secrets, we propose two probabilistic protocols that maintain O(log n) secrets and where the probability of security compromise between two users is inversely proportional to the number of secrets they maintain. Thus, our protocols provide a continuum where the level of privacy and authentication depends upon user requirements and capabilities.

We describe a family ofÐÓ�Òprotocols for assigning symmetric keys toÒprocesses in a network so that each process can use its assigned keys to communicate securely with every other process. The�-th protocol in our protocol family, where ���ÐÓ�Ò, assignsÇ��ÔÒsymmetric keys to each process in the network. (Thus, our (ÐÓ�Ò)-th protocol assigns ÇÐÓ�Òsymmetric keys to each process. This is not far from the lower bound ofÇÐÓ�Òsymmetric keys which we show is needed for each process to communicate securely with every other process in the network.) The protocols in our protocol family can be used to assign symmetric keys to the processes in a sensor network, or ad-hoc or mobile network, where each process has a small memory to store its assigned keys. We also discuss the vulnerability of our protocols to ”collusion”. In particular, we show that�ÔÒ colluding processes can compromise the security of the�-th protocol in our protocol family. I.

In this paper, we focus on the problem of identifying a family of collusion resistant protocols that demonstrate a tradeoff between the number of secrets that users maintain and the level of collusion resistance. Towards this end, we define the classes of collusion resistant protocols (modeled along the complexity classes in algorithmic complexity) and evaluate the membership of existing protocols as well as the protocols in the proposed family for membership in these classes. We also show that this family contains existing protocols for instantiating security.

Mobile computing and communication is a rapidly developing area. But mobility is associated with problems for security and privacy beyond those in open networks. A well known threat is tracking user movements. New risks are caused by the mobility of users, the portability of computers, and wireless links which include dynamics, resource dependencies and additional information to ensure the communication. This paper surveys the new challenges and the research on security issues in mobile data management, access and transfer. We investigate the issues concerning database specific security which have to be reconsidered. We will identify a basic characteristic of these security issues, adaptability, to answer the dynamics. 1 Introduction The development of mobile devices make new applications conceivable through ubiquitous computing. For example, mobile work "on-the-spot" like disaster recovery and maintenance tasks as well as business trips are possible. Mobile computing and communicati...

Abstract—In this paper, we propose SKAIT, a parameterized symmetrickeypre-distributionschemethatguaranteesasecure and confidential channel between every pair of nodes in a wireless network. Parameterization enables control over the number of keys assigned to a node, and allows users to trade increased key space complexity for improved collusion resistance. We provide an analysis of the space complexity, time complexity, and collusion resistance, and we show that message exchange is secure against internal and external eavesdroppers. We also show via analysis and simulation that SKAIT possesses the ability to make efficient use of key storage capacities of at least 3 sqrt(n), and collusion resistance superior to that of two recentlyproposedschemes whenthenumberof colludingnodes is small. Keywords-collusion resistance; confidential communication; key pre-distribution; symmetric key assignment I.

Abstract—Predistribution of cryptographic keys is a widely used approach for establishing secure communication between network nodes which are severely resource-constrained. Many proposed key predistribution schemes make the implicit assumption that message contents need not be kept private from nodes other than the intended recipient. Messages in such schemes are not guaranteed to be confidential—they may be read by nodes within the network other than the intended recipient. In this paper, we present TASK—a symmetric key predistribution scheme that enables secure and confidential communication within wireless networks. TASK distributes keys by generating and reinforcing a series of template key assignment instances. We show, through analysis and simulation, that TASK achieves a level of security superior to that of two recently proposed schemes that also provide confidentiality, while maintaining the same space complexity. TASK is also parameterized, which allows it to make use of key storage capacities that other recently proposed schemes cannot. I.