Title :
Exploiting Mobility for Key Establishment
Author :
Nicholson, Anthony J. ; Han, Junghee ; Watson, David ; Noble, Brian D.
Author_Institution :
Michigan Univ., Ann Arbor, MI
Abstract :
Despite years of research on security and cryptography, the vast majority of Internet communications are still unencrypted. We argue the blame lies not with users but with the tools they have available to them. Securing a communication channel with encryption is easy - the hard part is distributing keys in the first place. Current solutions rely ultimately on user actions -verification of encryption keys by inspecting either fingerprints or certificates. Instead, we present a model in which keys are established insecurely and automatically confirmed by exchanging cryptographic hashes of the key. To thwart an active attacker, hashes must travel over some path the attacker does not control. To do so, we exploit users´ everyday mobility, plus the capabilities of an overlay network, to resend hashes from diverse access points. Initial simulation and field results support our claim that this generates routes sufficiently diverse to foil all but the most powerful attackers, without requiring explicit action on the part of users
Keywords :
Internet; cryptography; telecommunication security; Internet communications; communication channel security; cryptographic hashes; encryption key verification; key distribution; overlay network; Automatic control; Communication channels; Data security; Fingerprint recognition; Internet; Power generation; Protocols; Public key; Public key cryptography; Usability;
Conference_Titel :
Mobile Computing Systems and Applications, 2006. WMCSA '06. Proceedings. 7th IEEE Workshop on
Conference_Location :
Orcas Island, WA
Print_ISBN :
0-7695-2439-7
DOI :
10.1109/WMCSA.2006.9
