Abstract
Key agreement is a fundamental security functionality by which pairs of nodes agree on shared keys to be used for protecting their pairwise communications. In this work we study key-agreement schemes that are well-suited for the mobile network environment. Specifically, we describe schemes with the following characteristics:
- Non-interactive: any two nodes can compute a unique shared secret key without interaction;
- Identity-based: to compute the shared secret key, each node only needs its own secret key and the identity of its peer;
- Hierarchical: the scheme is decentralized through a hierarchy where intermediate nodes in the hierarchy can derive the secret keys for each of their children without any limitations or prior knowledge on the number of such children or their identities;
- Resilient: the scheme is fully resilient against compromise of any number of leaves in the hierarchy, and of a threshold number of nodes in each of the upper levels of the hierarchy.
Several schemes in the literature have three of these four properties, but the schemes in this work are the first to possess all four. This makes them well-suited for environments such as MANETs and tactical networks, which are very dynamic, have significant bandwidth and energy constraints, and where many nodes are vulnerable to compromise. We provide rigorous analysis of the proposed schemes and discuss implementation aspects.
Extended Abstract. Full version available in [8]. Research was sponsored by US Army Research Laboratory and the UK Ministry of Defence and was accomplished under Agreement Number W911NF-06-3-0001. The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the US Army Research Laboratory, the U.S. Government, the UK Ministry of Defence, or the UK Government. The US and UK Governments are authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation hereon.
References
Blom, R.: An Optimal Class of Symmetric Key Generation Systems. In: Beth, T., Cot, N., Ingemarsson, I. (eds.) EUROCRYPT 1984. LNCS, vol. 209, pp. 335–338. Springer, Heidelberg (1985)
Blundo, C., De Santis, A., Herzberg, A., Kutten, S., Vaccaro, U., Yung, M.: Perfectly Secure Key Distribution for Dynamic Conferences. Information and Computation 146(1), 1–23 (1998)
Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. SIAM J. Computing 32(3), 586–615 (2003)
Diffie, W., Hellman, M.E.: New Directions in Cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)
Du, W., Deng, J., Han, Y.S., Varshney, P.K., Katz, J., Khalili, A.: A Pairwise Key Pre-Distribution Scheme for Wireless Sensor Networks. ACM Transactions on Information and System Security 8(2), 228–258 (2005)
Dupont, R., Enge, A.: Practical Non-Interactive Key Distribution Based on Pairings (2002), http://eprint.iacr.org/2002/136
Eschenauer, L., Gligor, V.D.: A key-management scheme for distributed sensor networks. In: Proceedings of the 9th ACM conference on Computer and communications security, ACM-CCS 2002, pp. 41–47. ACM, New York (2002)
Gennaro, R., Halevi, S., Krawczyk, H., Rabin, T., Reidt, S., Wolthusen, S.D.: Strongly-Resilient and Non-Interactive Hierarchical Key-Agreement in MANETs, http://eprint.iacr.org/2008/308
Hanaoka, G., Nishioka, T., Zheng, Y., Imai, H.: A Hierarchical Non-interactive Key-Sharing Scheme with Low Memory Size and High Resistance against Collusion Attacks. Comput. J. 45(3), 293–303 (2002)
Horwitz, J., Lynn, B.: Towards Hierarchical Identity-Based Encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 466–481. Springer, Heidelberg (2002)
Liu, D., Ning, P.: Establishing pairwise keys in distributed sensor networks. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, ACM-CCS 2003, pp. 52–61. ACM, New York (2003)
Matt, B.: Toward Hierarchical Identity-Based Cryptography for Tactical Networks. In: Military Communications Conference, MILCOM 2004, pp. 727–735. IEEE, Los Alamitos (2004)
Ramkumar, M., Memon, N., Simha, R.: A hierarchical key pre-distribution scheme. In: Electro/Information Technology Conference, EIT 2005. IEEE, Los Alamitos (2005)
Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems Based on Pairings. In: Proceedings of SCIS 2000 (2000)
Page, D., Smart, N.P., Vercauteren, F.: A comparison of MNT curves and supersingular curves. Appl. Algebra Eng., Commun. Comput. 17(5), 379–392 (2006)
Balfe, S., Boklan, K.D., Klagsbrun, Z., Paterson, K.G.: Key Refreshing in Identity-based Cryptography and its Applications in MANETS. In: Milcom (2007)
NS-2: Open Source Network Simulator, http://www.isi.edu/nsnam/ns/
Reidt, S., Ebinger, P., Wolthusen, S.D.: Resource-Constrained Signal Propagation Modeling for Tactical Networks (manuscript, 2006)
Zhang, W., Tran, M., Zhu, S., Cao, G.: A Compromise-Resilient Scheme for Pairwise Key Establishment in Dynamic Sensor Networks. In: MobiHoc (2007)
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gennaro, R., Halevi, S., Krawczyk, H., Rabin, T., Reidt, S., Wolthusen, S.D. (2008). Strongly-Resilient and Non-interactive Hierarchical Key-Agreement in MANETs. In: Jajodia, S., Lopez, J. (eds) Computer Security - ESORICS 2008. ESORICS 2008. Lecture Notes in Computer Science, vol 5283. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88313-5_4
DOI: https://doi.org/10.1007/978-3-540-88313-5_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88312-8
Online ISBN: 978-3-540-88313-5
eBook Packages: Computer Science (R0)