Distributing a private key generator in Ad hoc Networks
Permanent link
https://hdl.handle.net/10037/2074Date
2009-05-15Type
Master thesisMastergradsoppgave
Author
Stenberg, Eystein MåløyAbstract
A Mobile Ad hoc Network (MANET) is a wireless network that does not
rely on a fixed infrastructure. These characteristics make algorithms
that route network traffic particularly vulnerable to
attack. Mechanisms used to protect against such attacks often depend
on cryptographic keys.
Since the nodes in a MANET have limited resources, designing
methods for cryptographic key management is particularly challenging.
Because the network infrastructure is unstable, assuming that
authorities used in key management are implemented using any single
node is not realistic. Threshold cryptography can be used to
distribute an authority, such that it is implemented by multiple
nodes. This makes the authority more robust against network failures
and harder to compromise.
However, the bandwidth limitations in a MANET result in that public
key distribution becomes very challenging. Identity-based cryptography
(IBC), where any identity may serve as a public key, makes public
keys and their certificates superfluous. The authority issuing private
keys corresponding to an identity is called a Private Key Generator (PKG).
This thesis considers the issue of distributing a PKG to the nodes
in a MANET. It gives a description of a generic distributed PKG,
including a definition of security. An example of a distributed PKG
is also given. This distributed PKG is compatible with some of the
most prevalent IBC systems. It is shown that the security
properties of the base IBC systems are preserved when this
distributed PKG is used instead of the original one.
Threshold cryptography and identity-based cryptography are found to
result in very efficient key management systems, compared to other
methods. It is however important to consider which security properties
a distributed authority has, especially with respect to any leakage of
information on the authority's secret key. However, the main challenge
in connection with key management in a MANET is to authenticate
nodes without requiring preestablished trust.
Publisher
Universitetet i TromsøUniversity of Tromsø
Metadata
Show full item recordCollections
Copyright 2009 The Author(s)
The following license file are associated with this item: