Cryptology ePrint Archive: Report 2008/308

Strongly-Resilient and Non-Interactive Hierarchical Key-Agreement in MANETs

Rosario Gennaro and Shai Halevi and Hugo Krawczyk and Tal Rabin and Steffen Reidt and Stephen D. Wolthusen

Abstract: Key agreement is a fundamental security functionality by which pairs of nodes agree on shared keys to be used for protecting their pairwise communications. In this work we study key-agreement schemes that are well-suited for the mobile network environment.

Specifically, we describe schemes with the following haracteristics: -- Non-interactive: any two nodes can compute a unique shared secret key without interaction; -- Identity-based: to compute the shared secret key, each node only needs its own secret key and the identity of its peer; -- Hierarchical: the scheme is decentralized through a hierarchy where intermediate nodes in the hierarchy can derive the secret keys for each of its children without any limitations or prior knowledge on the number of such children or their identities; -- Resilient: the scheme is fully resilient against compromise of {\em any number of leaves} in the hierarchy, and of a threshold number of nodes in each of the upper levels of the hierarchy.

Several schemes in the literature have three of these four properties, but the schemes in this work are the first to possess all four. This makes them well-suited for environments such as MANETs and tactical networks which are very dynamic, have significant bandwidth and energy constraints, and where many nodes are vulnerable to compromise. We provide rigorous analysis of the proposed schemes and discuss implementations aspects.

Category / Keywords: cryptographic protocols / Key Agreement, Hierarchical, Ad-Hoc Networks

Publication Info: Accepted at ESORICS'08

Date: received 10 Jul 2008

Contact author: rosario at us ibm com

Available format(s): PDF | BibTeX Citation

Version: 20080711:003635 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]