Notes: Two Security Papers
Secure Multicast in Wireless Networks and Mobile Hosts
Danilo Bruschi and Emilia Rosti
Dipartimento di Scienze dell’Informazione, Università degli Studi di Milano, Via Comelico 39/41, 20135 Milano, Italy
"Since cryptography is employed to satisfy such requirements, the design of efficient key management scheme is the critical aspect for the realization of a secure multicast primitive."
Critical Factors:
- Members' limited computational power
- Host mobility
- Tracking keying material during handoff
- Role of MSSes (mobile support stations)
  - Non-trusted, Semi-trusted, Fully-trusted
- Confidentiality
- Authenticity
- Traffic backward secrecy: newcomers should not be able to read former traffic
- Traffic forward secrecy: former members should not be able to read present & future traffic
Flat Schemes, Clustered Schemes, Tree-based Schemes, etc.
Wrap-up:
Amount of work done by components depends critically on level of trust in MSSes.
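The backward and forward secrecy factors listed above, shown on a minimal flat scheme. This is an added example, not code from the paper or from these notes: `FlatGroup`, `seal`, `unseal` and the stand-in cipher are hypothetical names chosen for illustration, and the key controller is assumed to be fully trusted.

```python
import hashlib, hmac, os

# Stand-in authenticated cipher for illustration only; use a vetted AEAD in practice.
def _xor(key, nonce, data):
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, msg):
    nonce = os.urandom(16)
    ct = _xor(key, nonce, msg)
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the plaintext, or None if the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return _xor(key, nonce, ct) if hmac.compare_digest(tag, expected) else None

class FlatGroup:
    """Hypothetical flat-scheme key controller: one pairwise key per member."""
    def __init__(self):
        self.member_keys = {}            # member id -> pairwise key with controller
        self.group_key = os.urandom(32)

    def _rekey(self):
        # Fresh random key, unrelated to the old one, unicast to each current member.
        self.group_key = os.urandom(32)
        return {m: seal(k, self.group_key) for m, k in self.member_keys.items()}

    def join(self, member):              # rekey on join -> backward secrecy
        self.member_keys[member] = os.urandom(32)
        return self.member_keys[member], self._rekey()

    def leave(self, member):             # rekey on leave -> forward secrecy
        del self.member_keys[member]
        return self._rekey()

def demo():                              # constructed scenario: carol joins, then leaves
    g = FlatGroup()
    k_alice, _ = g.join("alice")
    k_bob, msgs = g.join("bob")
    gk1 = unseal(k_bob, msgs["bob"])
    old_traffic = seal(gk1, b"sent before carol joined")
    k_carol, msgs = g.join("carol")
    gk2 = unseal(k_carol, msgs["carol"])           # the only group key carol ever learns
    msgs = g.leave("carol")
    gk3 = unseal(k_alice, msgs["alice"])
    new_traffic = seal(gk3, b"sent after carol left")
    return unseal(gk2, old_traffic), unseal(gk2, new_traffic), sorted(msgs)
```

Every rekey in this sketch costs one unicast message per remaining member, which is the per-event cost that weighs on members with limited computational power.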
------------------------------------------------------------------------------------
------------------------------------------------------------------------------------
Security protocols for 2G and 3G wireless communications
T. Newe & T. Coffey
Data Communications Security Group,
Department of Electronic & Computer Engineering,
University of Limerick, Ireland.
E-Mail: (Thomas.Newe@UL.ie) (Tom.Coffey@UL.ie)
Generic set of security requirements for mobile device protocols:
1. Mutual Authentication of user and network
2. Exchange of certified public keys
3. Session key agreement
4. Joint control of session key
5. Mutual implicit key authentication
6. Mutual key confirmation
7. Mutual assurance of key freshness
8. Confidentiality
9. Initialisation of payment mechanism
10. Non-repudiation of origin
2G Mobile Protocols:
- Beller-Chang-Yacobi and Carlsen's BCY
  - Combination of symmetric and asymmetric encryption
  - Suggested improvements to original BCY by Carlsen:
- Beller-Yacobi and Boyd-Mathuria's BY
  - Low-cost, two-way public-key authentication and key agreement
3G Mobile Protocols:
- ASPeCT (Variant B) Protocol
  - In UMTS environments
- Boyd-Park and NC Boyd-Park Key Agreement Protocols
  - Corrects the mobile identification delay weakness in the ASPeCT protocol
Wrap-Up:
The 3G protocols meet the 10 listed requirements given by the paper.
Then: only link security was feasible. Now: end-to-end security is the primary concern.
Question: Will this work for non-UMTS services?
------------------------------------------------------------------------------------
------------------------------------------------------------------------------------
EDIT: I forgot to give credit where it is due.