Cryptology ePrint Archive: Report 2016/060

CrypTopology: Plug, Play and Recover Key Management

Amir Herzberg and Yehonatan Kfir

Abstract: Research on establishing and maintaining secure communication has two distinct categories: using cryptography, with pre-shared or certified keys, and using known, redundant network topology. We present the CrypTopology model, combining cryptography with topology, with benefits over the pure-crypto and pure-topology approaches. The model also considers deployment challenges, by taking into account legacy devices and routing, an aspect which is very relevant (but so far ignored) in topology-based protocols. We use the CrypTopology model to study key setup and management. We present the CrypTop protocol, that allows easy plug and play key setup, between new devices and a trusted authentication server (whose public key is known). Furthermore, CrypTop limits the impact of key exposures: it ensures proactive key refresh, re-establishing security after exposure. In addition, CrypTop supports incremental deployment, and is effective even for partial deployment. We analyze the properties of the CrypTop protocol and show sufficient topology conditions for its applicability. We prove its security against an attacker that is able to control some of the devices in the network. We further present AR-CrypTop, an improvement of CrypTop that is secure even for Adversarial Routing.

Category / Keywords: Cryptography

Date: received 24 Jan 2016, last revised 7 May 2016

Contact author: yehonatank at gmail com

Version: 20160507:184443
