Article

Concrete Security for Entity Recognition: The Jane Doe Protocol

Authors:

André Weimerskirch,

Dirk WesthoffAuthors Info & Claims

INDOCRYPT '08: Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology

Pages 158 - 171

https://doi.org/10.1007/978-3-540-89754-5_13

Published: 14 December 2008 Publication History

Abstract

Entity recognition does not ask whether the message is from some entity <em>X</em>, just whether a message is from the same entity as a previous message. This turns turns out to be very useful for low-end devices. The current paper proposes a new protocol --- the "Jane Doe Protocol" ---, and provides a formal proof of its concrete security. The protocol neither employs asymmetric cryptography, nor a trusted third party, nor any key pre-distribution. It is suitable for light-weight cryptographic devices such as sensor network motes and RFID tags.

References

[1]

Anderson, R., Bergadano, F., Crispo, B., Lee, J.-H., Manifavas, C., Needham, R.: A New Family of Authentication Protocols. ACM Operating Systems Review 32 (1998).

Digital Library

[2]

Arkko, J., Nikander, P.: Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties. In: Proc. Security Protocols Workshop 2002 (2002).

[3]

Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773. Springer, Heidelberg (1994).

Digital Library

[4]

Bird, R., Gopal, I., Herzberg, A., Janson, P., Kutten, S., Molva, R., Yung, M.: Systematic design of two-party authentication protocols. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576. Springer, Heidelberg (1992).

Digital Library

[5]

Buonadonna, P., Hill, J., Culler, D.: Active Message Communication for Tiny Networked Sensors. In: Proc. 20th Joint Conference of the IEEE Computer and Communications Societies. IEEE, Los Alamitos (2001).

[6]

Coppersmith, D., Jakobsson, M.: Almost Optimal Hash Sequence Traversal. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357. Springer, Heidelberg (2003).

Digital Library

[7]

Dolev, D., Yao, A.: On the Security of Public Key Protocols. IEEE Trans. Information Theory 29(2), 198-208 (1983).

Digital Library

[8]

Dielsma, P., Mödersheim, S., Vigano, L., Basin, D.: Formalizing and Analyzing Sender Invariance. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2006. LNCS, vol. 4691. Springer, Heidelberg (2007).

Digital Library

[9]

Gollmann, D.: Protocol Design: Coming Down from the Cloud (Invited Talk). In: Workshop on RFID and Lightweight Crypto 2005 (2005), http://www.iaik.tugraz.at/research/krypto/events/

[10]

Hammell, J., Weimerskirch, A., Girao, J.,Westhoff, D.: Recognition in a Low-Power Environment. In: Proc. ICDCSW 2005. IEEE, Los Alamitos (2005).

Digital Library

[11]

Hodjat, A., Verbauwhede, I.: The Energy Cost of Secrets in Ad-hoc Networks. In: IEEE Circuits and Systems workshop on wireless communications and networking. IEEE, Los Alamitos (2002).

[12]

Lucks, S., Zenner, E., Weimerskirch, A., Westhoff, D.: Entity Recognition for Sensor Network Motes. In: Proc. INFORMATIK 2005, vol. 2, pp. 145-149 (2005); LNI Vol. P-68, ISBN 3-88579-379-0 (an early 5-page abstract of the current research).

[13]

Lucks, S., Zenner, E., Weimerskirch, A., Westhoff, D.: Concrete Security for Entity Recognition: The Jane Doe Protocol (Full Paper), eprint, full version of the current paper.

[14]

Mitchell, C.: Remote User Authentication Using Public Information. In: Paterson, K.G. (ed.) Cryptography and Coding 2003. LNCS, vol. 2898. Springer, Heidelberg (2003).

[15]

Russell, S.: Fast Checking of Individual Certificate Revocation on Small Systems. In: Proc. 15th Annual Computer Security Application Conference. IEEE, Los Alamitos (1999).

Digital Library

[16]

Seigneur, J.-M., Farrell, S., Jensen, C., Gray, E., Chen, Y.: End-to-end trust in pervasive computing starts with recognition. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802. Springer, Heidelberg (2004).

[17]

Stajano, F., Anderson, R.: The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks. In: Malcolm, J.A., Christianson, B., Crispo, B., Roe, M. (eds.) Security Protocols 1999. LNCS, vol. 1796. Springer, Heidelberg (2000).

Digital Library

[18]

Weimerskirch, A., Westhoff, D.: Zero Common-Knowledge Authentication for Pervasive Networks. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006. Springer, Heidelberg (2004).

[19]

Weimerskirch, A., Westhoff, D., Lucks, S., Zenner, E.: Efficient Pairwise Authentication Protocols for Sensor and Ad-hoc Networks. In: Sensor Network Operations. IEEE Press, Los Alamitos (2004).

Cited By

Barrera DClark JMcCarney Dvan Oorschot PYu TEnck WJiang X(2012)Understanding and improving app installation security mechanisms through empirical analysis of androidProceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices10.1145/2381934.2381949(81-92)Online publication date: 19-Oct-2012
https://dl.acm.org/doi/10.1145/2381934.2381949
González Muñiz MLaud PChu WWong WPalakal MHung C(2011)On the (im)possibility of perennial message recognition protocols without public-key cryptographyProceedings of the 2011 ACM Symposium on Applied Computing10.1145/1982185.1982508(1510-1515)Online publication date: 21-Mar-2011
https://dl.acm.org/doi/10.1145/1982185.1982508
Mashatan AVaudenay S(2010)A message recognition protocol based on standard assumptionsProceedings of the 8th international conference on Applied cryptography and network security10.5555/1894302.1894332(384-401)Online publication date: 22-Jun-2010
https://dl.acm.org/doi/10.5555/1894302.1894332
Show More Cited By

Concrete Security for Entity Recognition: The Jane Doe Protocol
1. Networks
2. Security and privacy

Recommendations

What Security Can We Achieve Within 4 Rounds?
Abstract
Katz and Ostrovsky (Crypto 2004) proved that five rounds are necessary for stand-alone general black-box constructions of secure two-party protocols and at least four rounds are necessary if only one party needs to receive the output. Recently, ...
Simplified security notions of direct anonymous attestation and a concrete scheme from pairings

Direct Anonymous Attestation (DAA) is a cryptographic mechanism that enables remote authentication of a user while preserving privacy under the user’s control. The DAA scheme developed by Brickell, Camenisch, and Chen has been adopted by the Trust ...
A Concrete Certificateless Signature Scheme without Pairings
MINES '09: Proceedings of the 2009 International Conference on Multimedia Information Networking and Security - Volume 02

Certificateless public key cryptography was introduced to avoid the inherent key escrow problem in identity-based cryptography, and eliminate the use of certificates in traditional PKI. Most cryptographic schemes in certificateless cryptography are ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

INDOCRYPT '08: Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology

December 2008

436 pages

ISBN:9783540897538

Editors:
Dipanwita Roy Chowdhury
Dept. of Computer Science and Engineering, Indian Institute of Technology, Kharagpur, India 721 302
,
Vincent Rijmen
K.U. Leuven, ESAT/COSIC Kasteelpark, Leuven-Heverlee, Belgium B-3001
,
Abhijit Das
Department of Computer Science and Engineering, Indian Institute of Technology, Kharagpur, India 721 302

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 14 December 2008

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Barrera DClark JMcCarney Dvan Oorschot PYu TEnck WJiang X(2012)Understanding and improving app installation security mechanisms through empirical analysis of androidProceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices10.1145/2381934.2381949(81-92)Online publication date: 19-Oct-2012
https://dl.acm.org/doi/10.1145/2381934.2381949
González Muñiz MLaud PChu WWong WPalakal MHung C(2011)On the (im)possibility of perennial message recognition protocols without public-key cryptographyProceedings of the 2011 ACM Symposium on Applied Computing10.1145/1982185.1982508(1510-1515)Online publication date: 21-Mar-2011
https://dl.acm.org/doi/10.1145/1982185.1982508
Mashatan AVaudenay S(2010)A message recognition protocol based on standard assumptionsProceedings of the 8th international conference on Applied cryptography and network security10.5555/1894302.1894332(384-401)Online publication date: 22-Jun-2010
https://dl.acm.org/doi/10.5555/1894302.1894332
Muñiz MSteinwandt R(2009)Cryptanalysis of a message recognition protocol by Mashatan and StinsonProceedings of the 12th international conference on Information security and cryptology10.5555/1883749.1883782(362-373)Online publication date: 2-Dec-2009
https://dl.acm.org/doi/10.5555/1883749.1883782

View Options

View options

Media

Figures

Other

Tables

View Table of Contents