Key Agreement for Secure Voice over IP

Bilien, Johan

January 2003

This thesis reviews the usual properties and requirements for key agreement protocols. It then focuses on MIKEY, a work-in-progress protocol designed to conduct key agreements for secure multimedia exchanges. The protocol was implemented and incorporated in a SIP user agent - minisip. This implementation was used to measure the additional delay required for key exchange during call establishment. Finally, some schemes are proposed regarding the use of MIKEY in advanced VoIP scenarios, such as conferences and terminal mobility.

voice over IP

MIKEY

multimedia key exchange

Communication Systems

Kommunikationssystem

Quantum Resistant Authenticated Key Exchange from Ideal Lattices

Snook, Michael

03 October 2016

No description available.

Mathematics

Key Exchange

Learning with Errors

Post-Quantum

Authentication

Desired Features and Design Methodologies of Secure Authenticated Key Exchange Protocols in the Public-Key Infrastructure Setting

Wang, Hao-Hsien

January 2004

The importance of an authenticated key exchange (AKE) protocol has long been known in the field of cryptography. Two of the questions still being asked today are (1) what properties or features does a secure AKE protocol possess, and (2) How does one, in a step by step fashion, create a secure AKE protocol? This thesis aims to answer these two questions. The thesis contains two parts: one is a survey of previous works on the desired features of the Station-to-Station (STS) protocol, and the other is a study of a previously proposed design methodology in designing secure AKE protocols, as well as contributing an original idea of such methodologies. Descriptions and comparisons of the two design methodologies are included. The thesis surveys the literature and conducts a case study of the STS protocol, analyzes various attacks on STS through some known attacks to it, and extracts the desired properties and features of a secure AKE protocol via the case study. This part of the thesis does not propose any new result, but summarizes a complete list of issues one should take consideration of while designing an AKE protocol. We also show that at the end of this part, a secure version of STS which possesses the desired features of an AKE protocol. The other major part of the thesis surveys one design methodology of creating a secure AKE protocol by Bellare, Canetti, and Krawczyk; it is based on having a secure key exchange protocol then adding (mutual) authentication to it. The thesis then proposes another original design methodology; it starts with a secure mutual authentication protocol, then adds the secure key exchange feature without modifying overheads and number of flows of the original mutual authentication protocol. We show in this part the "secure" AKE protocol developed through these two design approaches is identical to the secure version of STS described in the other part, and thus possesses the desired features of a secure AKE protocol. We also give a proof of security of the secure AKE protocol developed under our design methodology.

Computer Science

authentication

authenticated key exchange

Diffie-Hellman

Station-to-Station protocol

STS

Konkrétní bezpečnost protokolu IPSec / Concrete Security of the IPSec Protocol

Švarcová, Marie

January 2015

The main goal of this thesis is to articulate and to prove security properties of the key exchange protocol IKE, through which the IPSec protocol establishes agreement on keys used for securing internet traffic. It also covers the description of differences between asymptotic and concrete security treatments and the notions of key exchange security and the security of underlying primitives used by key exchange protocols, in the context of concrete security. A general description of IPSec and its main functionalities follows, accompanied by detailed descriptions of both versions of IKE (IKEv1, IKEv2). A general introduction to key exchange is also included and a representative of signature-based version of IKE is introduced and its security is analysed. Powered by TCPDF (www.tcpdf.org)

Security testing of the Zigbee communication protocol in consumer grade IoT devices

van Leeuwen, Daniel, Ayuk, Leonel Taku

January 2019

With the ever increasing number of Internet of Things devices going out on the market for consumers that are Zigbee certified there is a need for security testing. This is to make sure that security standards are upheld and improved upon in order to make sure networks are protected from unauthorized users. Even though a lot of research and testing has been done on the Zigbee key exchange mechanism, called Zigbee commissioning, improvements have still not been enough with severe vulnerabilities in consumer grade devices still existing today. The devices tested in this study use EZ-mode commissioning in order to exchange the network key between a Zigbee coordinator and a Zigbee end device in order to encrypt later communication after being paired.  By using a simple radio receiver and a packet capturing program such as Wireshark an eavesdropping attack was conducted in order to capture the network key. The experiment demonstrates that this is still a weak point as the network key was successfully captured using eavesdropping. The analysis of the results show that previous criticisms of Zigbee commissioning have still not fully been addressed and can be a potential weak point in networks that use Zigbee certified IoT products.

Zigbee

Protocol

IoT

Key Exchange

Internet of Things

Eavesdropping

Other Engineering and Technologies

Annan teknik

同步選擇派翠網路在虛擬私人網路上的應用 / Application of Synchronized Choice Petri Nets to Virtual Private Networks

李滎澤, Ying-tse Lee

Unknown Date

The Synchronize Choice Petri net, a subclass of Petri nets that is constructed based on special structural objects, can improve analytical power to make solving the behavioral problems of Petri nets practically possible. The fact that proving liveness and verifying reachability of a Synchronize Choice Petri net are feasible may lead to several applications. This thesis contributes to one of the applications: building a dynamic key exchange mechanism embedded in Virtual Private Network products by applying Synchronize Choice Petri nets. 　　Based on modern symmetric-key algorithms, such as DES, the dynamic key exchange mechanism enables two communicating sides to use the changing keys to encrypt or decrypt messages correctly without requiring any key transmission during the communication session after the initiation. A proper use of the mechanism is to be integrated with Virtual Private Network products to make the information transmitting between two peers more confidential.

Synchronized Choice Petri Nets

Dynamic Key Exchange

One Time Pads

Virtual Private Networks

Light-Weight Authentication and Key Exchange Protocols with Forward Secrecy for Digital Home

Chiang, Tsung-Pin

15 August 2007

In this thesis we propose a complete solution of authentication and key exchange for digital home environments such that mobile devices can securely access the home devices. Some digital home authentication and key exchange protocols performed between mobile devices and home gateways are assisted by the AAA servers, which are provided by telecommunication companies, but they have some security flaws. In our proposed protocol, the necessary security requirements for digital home secu-rity mechanisms are satisfied, such as mutual authentication, authenticated key ex-change, and forward secrecy. In our digital home security scheme, a mobile device can authenticate his home gateway and exchange a session key with each home de-vice without pre-sharing keys with the home gateway and with the home device. The proposed authentication and key exchange protocol can also cooperate with the AAA server. Furthermore, we propose another authentication and key exchange protocol with forward secrecy between mobile devices and home devices. The computation capabilities of the mobile devices also are considered in our proposed protocols, where we only employ symmetric encryption/decryption and low-cost op-erations in order to reach the aim of light-weight computation cost.

security

key exchange

identity authentication

forward secrecy

light-weight computation

digital home

Authentication and Key Exchange in Mobile Ad Hoc Networks

Hoeper, Katrin

09 1900

Over the past decade or so, there has been rapid growth in wireless and mobile applications technologies. More recently, an increasing emphasis has been on the potential of infrastructureless wireless mobile networks that are easy, fast and inexpensive to set up, with the view that such technologies will enable numerous new applications in a wide range of areas. Such networks are commonly referred to as mobile ad hoc networks (MANETs). Exchanging sensitive information over unprotected wireless links with unidentified and untrusted endpoints demand the deployment of security in MANETs. However, lack of infrastructure, mobility and resource constraints of devices, wireless communication links and other unique features of MANETs induce new challenges that make implementing security a very difficult task and require the design of specialized solutions. This thesis is concerned with the design and analysis of security solutions for MANETs. We identify the initial exchange of authentication and key credentials, referred to as pre-authentication, as well as authentication and key exchange as primary security goals. In particular, the problem of pre-authentication has been widely neglected in existing security solutions, even though it is a necessary prerequisite for other security goals. We are the first to classify and analyze different methods of achieving pairwise pre-authentication in MANETs. Out of this investigation, we identify identity-based cryptographic (IBC) schemes as well-suited to secure MANET applications that have no sufficient security solutions at this time. We use pairing-based IBC schemes to design an authentication and key exchange framework that meets the special requirements of MANETs. Our solutions are comprised of algorithms that allow for efficient and secure system set up, pre-authentication, mutual authentication, key establishment, key renewal, key revocation and key escrow prevention. In particular, we present the first fully self-organized key revocation scheme for MANETs that does not require any trusted third party in the network. Our revocation scheme can be used to amend existing IBC solutions, be seamlessly integrated in our security framework and even be adopted to conventional public key solutions for MANETs. Our scheme is based on propagated accusations and once the number of received accusations against a node reaches a defined threshold, the keys of the accused nodes are revoked. All communications are cryptographically protected, but unlike other proposed schemes, do not require computationally demanding digital signatures. Our scheme is the first that efficiently and securely enables nodes to revoke their own keys. Additionally, newly joining nodes can obtain previous accusations without performing computationally demanding operations such as verifying digital signatures. Several security and performance parameters make our scheme adjustable to the hostility of the MANET environment and the degree of resource constraints of network and devices. In our security analysis we show how security parameters can be selected to prevent attacks by colluding nodes and roaming adversaries. In our proposed security framework, we utilize special properties of pairing-based keys to design an efficient and secure method for pairwise pre-authentication and a set of ID-based authenticated key exchange protocols. In addition, we present a format for ID-based public keys that, unlike other proposed formats, allows key renewal before the start of a new expiry interval. Finally, we are the first to discuss the inherent key escrow property of IBC schemes in the context of MANETs. Our analysis shows that some special features of MANETs significantly limit the escrow capabilities of key generation centers (KGCs). We propose a novel concept of spy nodes that can be utilized by KGCs to increase their escrow capabilities and analyze the probabilities of successful escrow attacks with and without spy nodes. In summary, we present a complete authentication and key exchange framework that is tailored for MANET applications that have previously lacked such security solutions. Our solutions can be implemented using any pairing-based IBC scheme. The component design allows for the implementation of single schemes to amend existing solutions that do not provide certain functionalities. The introduction of several security and performance parameters make our solutions adjustable to different levels of resource constraints and security needs. In addition, we present extensions that make our solutions suitable for applications with sporadic infrastructure access as envisioned in the near future.

mobile ad hoc networks

authentication

key exchange

security

key revocation

identity-based cryptography

Electrical and Computer Engineering

Desired Features and Design Methodologies of Secure Authenticated Key Exchange Protocols in the Public-Key Infrastructure Setting

Wang, Hao-Hsien

January 2004

The importance of an authenticated key exchange (AKE) protocol has long been known in the field of cryptography. Two of the questions still being asked today are (1) what properties or features does a secure AKE protocol possess, and (2) How does one, in a step by step fashion, create a secure AKE protocol? This thesis aims to answer these two questions. The thesis contains two parts: one is a survey of previous works on the desired features of the Station-to-Station (STS) protocol, and the other is a study of a previously proposed design methodology in designing secure AKE protocols, as well as contributing an original idea of such methodologies. Descriptions and comparisons of the two design methodologies are included. The thesis surveys the literature and conducts a case study of the STS protocol, analyzes various attacks on STS through some known attacks to it, and extracts the desired properties and features of a secure AKE protocol via the case study. This part of the thesis does not propose any new result, but summarizes a complete list of issues one should take consideration of while designing an AKE protocol. We also show that at the end of this part, a secure version of STS which possesses the desired features of an AKE protocol. The other major part of the thesis surveys one design methodology of creating a secure AKE protocol by Bellare, Canetti, and Krawczyk; it is based on having a secure key exchange protocol then adding (mutual) authentication to it. The thesis then proposes another original design methodology; it starts with a secure mutual authentication protocol, then adds the secure key exchange feature without modifying overheads and number of flows of the original mutual authentication protocol. We show in this part the "secure" AKE protocol developed through these two design approaches is identical to the secure version of STS described in the other part, and thus possesses the desired features of a secure AKE protocol. We also give a proof of security of the secure AKE protocol developed under our design methodology.

Computer Science

authentication

authenticated key exchange

Diffie-Hellman

Station-to-Station protocol

STS

Authentication and Key Exchange in Mobile Ad Hoc Networks

Hoeper, Katrin

09 1900

Over the past decade or so, there has been rapid growth in wireless and mobile applications technologies. More recently, an increasing emphasis has been on the potential of infrastructureless wireless mobile networks that are easy, fast and inexpensive to set up, with the view that such technologies will enable numerous new applications in a wide range of areas. Such networks are commonly referred to as mobile ad hoc networks (MANETs). Exchanging sensitive information over unprotected wireless links with unidentified and untrusted endpoints demand the deployment of security in MANETs. However, lack of infrastructure, mobility and resource constraints of devices, wireless communication links and other unique features of MANETs induce new challenges that make implementing security a very difficult task and require the design of specialized solutions. This thesis is concerned with the design and analysis of security solutions for MANETs. We identify the initial exchange of authentication and key credentials, referred to as pre-authentication, as well as authentication and key exchange as primary security goals. In particular, the problem of pre-authentication has been widely neglected in existing security solutions, even though it is a necessary prerequisite for other security goals. We are the first to classify and analyze different methods of achieving pairwise pre-authentication in MANETs. Out of this investigation, we identify identity-based cryptographic (IBC) schemes as well-suited to secure MANET applications that have no sufficient security solutions at this time. We use pairing-based IBC schemes to design an authentication and key exchange framework that meets the special requirements of MANETs. Our solutions are comprised of algorithms that allow for efficient and secure system set up, pre-authentication, mutual authentication, key establishment, key renewal, key revocation and key escrow prevention. In particular, we present the first fully self-organized key revocation scheme for MANETs that does not require any trusted third party in the network. Our revocation scheme can be used to amend existing IBC solutions, be seamlessly integrated in our security framework and even be adopted to conventional public key solutions for MANETs. Our scheme is based on propagated accusations and once the number of received accusations against a node reaches a defined threshold, the keys of the accused nodes are revoked. All communications are cryptographically protected, but unlike other proposed schemes, do not require computationally demanding digital signatures. Our scheme is the first that efficiently and securely enables nodes to revoke their own keys. Additionally, newly joining nodes can obtain previous accusations without performing computationally demanding operations such as verifying digital signatures. Several security and performance parameters make our scheme adjustable to the hostility of the MANET environment and the degree of resource constraints of network and devices. In our security analysis we show how security parameters can be selected to prevent attacks by colluding nodes and roaming adversaries. In our proposed security framework, we utilize special properties of pairing-based keys to design an efficient and secure method for pairwise pre-authentication and a set of ID-based authenticated key exchange protocols. In addition, we present a format for ID-based public keys that, unlike other proposed formats, allows key renewal before the start of a new expiry interval. Finally, we are the first to discuss the inherent key escrow property of IBC schemes in the context of MANETs. Our analysis shows that some special features of MANETs significantly limit the escrow capabilities of key generation centers (KGCs). We propose a novel concept of spy nodes that can be utilized by KGCs to increase their escrow capabilities and analyze the probabilities of successful escrow attacks with and without spy nodes. In summary, we present a complete authentication and key exchange framework that is tailored for MANET applications that have previously lacked such security solutions. Our solutions can be implemented using any pairing-based IBC scheme. The component design allows for the implementation of single schemes to amend existing solutions that do not provide certain functionalities. The introduction of several security and performance parameters make our solutions adjustable to different levels of resource constraints and security needs. In addition, we present extensions that make our solutions suitable for applications with sporadic infrastructure access as envisioned in the near future.

mobile ad hoc networks

authentication

key exchange

security

key revocation

identity-based cryptography

Electrical and Computer Engineering