Specifically, we describe schemes with the following haracteristics: -- Non-interactive: any two nodes can compute a unique shared secret key without interaction; -- Identity-based: to compute the shared secret key, each node only needs its own secret key and the identity of its peer; -- Hierarchical: the scheme is decentralized through a hierarchy where intermediate nodes in the hierarchy can derive the secret keys for each of its children without any limitations or prior knowledge on the number of such children or their identities; -- Resilient: the scheme is fully resilient against compromise of {\em any number of leaves} in the hierarchy, and of a threshold number of nodes in each of the upper levels of the hierarchy.
Several schemes in the literature have three of these four properties, but the schemes in this work are the first to possess all four. This makes them well-suited for environments such as MANETs and tactical networks which are very dynamic, have significant bandwidth and energy constraints, and where many nodes are vulnerable to compromise. We provide rigorous analysis of the proposed schemes and discuss implementations aspects.
Category / Keywords: cryptographic protocols / Key Agreement, Hierarchical, Ad-Hoc Networks Publication Info: Accepted at ESORICS'08 Date: received 10 Jul 2008 Contact author: rosario at us ibm com Available format(s): PDF | BibTeX Citation Version: 20080711:003635 (All versions of this report) Short URL: ia.cr/2008/308 Discussion forum: Show discussion | Start new discussion