Threshold RSA for Dynamic and Ad-Hoc Groups
Cited by 10 (0 self)
Abstract. We consider the use of threshold signatures in ad-hoc and dynamic groups such as MANETs (“mobile ad-hoc networks”). While the known threshold RSA signature schemes have several properties that make them good candidates for deployment in these scenarios, none of these schemes seems practical enough for realistic use in these highly-constrained environments. In particular, this is the case of the most efficient of these threshold RSA schemes, namely, the one due to Shoup. Our contribution is in presenting variants of Shoup’s protocol that overcome the limitations that make the original protocol unsuitable for dynamic groups. The resultant schemes provide the efficiency and flexibility needed in ad-hoc groups, and add the capability of incorporating new members (share-holders) to the group of potential signers without relying on central authorities. Namely, any threshold of existing members can cooperate to add a new member. The schemes are efficient, fully non-interactive and do not assume broadcast.
Distributed authentication of program integrity verification in wireless sensor networks
- ACM TISSEC
Cited by 7 (1 self)
Security in wireless sensor networks has become important as they are being developed and deployed for an increasing number of applications. The severe resource constraints in each sensor make it very challenging to secure sensor networks. Moreover, sensors are usually deployed in hostile and unattended environments and hence are susceptible to various attacks, including node capture, physical tampering, and manipulation of the sensor program. Park and Shin [2005] proposed a soft tamper-proofing scheme that verifies the integrity of the program in each sensor device, called the program integrity verification (PIV), in which sensors authenticate PIV servers (PIVSs) using centralized and trusted third-party entities, such as authentication servers (ASs). This article presents a distributed authentication protocol of PIVSs (DAPP) without requiring the commonly used ASs. DAPP uses the Blundo scheme [Blundo et al. 1992] for sensors and PIVSs to establish pairwise keys and for PIVSs to authenticate one another. We also present a protocol for PIVSs to cooperatively detect and revoke malicious PIVSs in the network. We implement and evaluate both DAPP and PIV on Mica2 Motes and laptops, showing that DAPP reduces the sensors’ communication traffic in the network by more than 90% and the energy consumption on each sensor by up to 85%, as compared to the case of using a centralized AS for authenticating PIVSs.
Public key cryptography sans certificates in ad hoc networks
- In Applied Cryptography and Network Security (ACNS
, 2006
Cited by 5 (1 self)
Abstract. Several researchers have proposed the use of threshold cryptographic model to enable secure communication in ad hoc networks without the need of a trusted center. In this model, the system remains secure even in the presence of a certain threshold t of corrupted/malicious nodes. In this paper, we show how to perform necessary public key operations without node-specific certificates in ad hoc networks. These operations include pair-wise key establishment, signing, and encryption. We achieve this by using Feldman’s verifiable polynomial secret sharing (VSS) as a key distribution scheme and treating the secret shares as the private keys. Unlike in the standard public key cryptography, where entities have independent private/public key pairs, in the proposed scheme the private keys are related (they are points on a polynomial of degree t) and each public key can be computed from the public VSS information and node identifier. We show that such related keys can still be securely used for standard signature and encryption operations (using resp. Schnorr signatures and ElGamal encryption) and for pairwise key establishment, as long as there are no more than t collusions/corruptions in the system. The proposed usage of shares as private keys can also be viewed as a threshold-tolerant identity-based cryptosystem under standard (discrete logarithm based) assumptions.
Efficient and adaptive threshold signatures for ad hoc networks
- Electronic Notes in Theoretical Computer Science
, 2007
Cited by 5 (0 self)
In this paper, we propose a secure, flexible, robust and fully distributed signature service, for ad hoc groups. In order to provide the service, we use a new threshold scheme, that allows to share a secret key among the current group members. The novelty of the scheme is in that it easily and efficiently enables dynamic increase of the threshold, according to the needs of the group, so that the service provides both adaptiveness to the level of threat the ad hoc group is subject to, and availability. We prove the correctness of the protocol and evaluate its efficiency. The changes to the threshold are performed by using a protocol that is efficient in terms of interactions among nodes and per-node required resources, resulting suitable even for resource-constrained settings. Finally, the same proposed scheme allows to detect nodes that attempt to disrupt the service, providing invalid contributions to the distributed signature service.
Self-organized authentication in mobile ad-hoc networks
- Journal of Communications and Networks
, 2009
Cited by 3 (0 self)
This work proposes a new distributed and self-organized authentication scheme for Mobile Ad-hoc NETworks (MANETs). Apart from describing all its components, special emphasis is placed on proving that the proposal fulfils most requirements derived from the special characteristics of MANETs, including limited physical protection of broadcast medium, frequent route changes caused by mobility, and lack of structured hierarchy. Interesting conclusions are obtained from an analysis of simulation experiments in different scenarios.
Dynamic Threshold Cryptosystem without Group Manager,” Network Protocols and Algorithms, vol
, 2009
Efficient Node Admission and Certificateless Secure Communication in Short-lived MANETs
, 2007
Cited by 3 (0 self)
Decentralized node admission is an essential and fundamental security service in mobile ad hoc networks (MANETs). It is needed to securely cope with dynamic membership and topology as well as to bootstrap other important security primitives (such as key management) and services (such as secure routing) without the assistance of any centralized trusted authority. An ideal admission technique must involve minimal interaction among MANET nodes, since connectivity can be unstable. Also, since MANETs are often composed of weak or resource-limited devices, admission must be efficient in terms of computation and communication. Most previously proposed admission protocols are prohibitively expensive and require heavy interaction among MANET nodes. In this paper we focus on a common type of MANET that is formed on a temporary basis, and present a secure, efficient and fully non-interactive admission technique geared for this type of network. Our admission protocol is based on secret sharing techniques using bi-variate polynomials. We also present a new scheme that allows any pair of MANET nodes to efficiently establish an on-the-fly secure communication channel.
Intrusion-Tolerant Group Management for Mobile Ad-Hoc Networks
, 2009
Cited by 1 (1 self)
This paper presents PICO, a generic infrastructure for secure group communication in mobile ad-hoc networks (MANETs). PICO provides an intrusion-tolerant group management service, allowing clients to join or leave a logical group and enabling group members to communicate securely using a dynamically generated group encryption key. Since MANETs are characterized by relatively high message loss and frequent network partitions, PICO is built around a new Byzantine fault-tolerant agreement protocol designed to cope with these conditions. The agreement protocol leverages weak (commutative) semantics to allow multiple partitions to continue operating in parallel without sacrificing correctness, and it uses threshold cryptography to provide efficient reconciliation and coordination without the need for reliable communication links.
Dealer-Free Threshold Changeability in Secret Sharing Schemes
Cited by 1 (0 self)
Abstract. This paper proposes a dealer-free threshold changeable construction for secret sharing schemes. In practice, the adversary’s ability might be enhanced over time, for instance by compromising more players. This problem can be resolved only by increasing the threshold. In the literature, there exist some techniques to address this issue. These solutions either have a large storage requirement or are limited to a predefined threshold modification. In addition, they increase the threshold at the side of the combiner with some mathematical assumptions. We apply two secure multiparty computation techniques [2, 16] to tackle these problems. In our constructions, participants do not need to save any information or extra shares ahead of time, and the threshold can be changed multiple times to any arbitrary values. Moreover, the presented protocols are unconditionally secure and realize a proactive secret sharing scheme.