Paper 2016/060
CrypTopology: Plug, Play and Recover Key Management
Amir Herzberg and Yehonatan Kfir
Abstract
Research on establishing and maintaining secure communication has two distinct categories: using cryptography, with pre-shared or certified keys, and using known, redundant network topology. We present the CrypTopology model, combining cryptography with topology, with benefits over the pure-crypto and pure-topology approaches. The model also considers deployment challenges, by taking into account legacy devices and routing, an aspect which is very relevant (but so far ignored) in topology-based protocols. We use the CrypTopology model to study key setup and management. We present the CrypTop protocol, which allows easy plug and play key setup between new devices and a trusted authentication server (whose public key is known). Furthermore, CrypTop limits the impact of key exposures: it ensures proactive key refresh, re-establishing security after exposure. In addition, CrypTop supports incremental deployment, and is effective even for partial deployment. We analyze the properties of the CrypTop protocol and show sufficient topology conditions for its applicability. We prove its security against an attacker that is able to control some of the devices in the network. We further present AR-CrypTop, an improvement of CrypTop that is secure even for Adversarial Routing.
Metadata
- Publication info
- Preprint. MINOR revision.
- Keywords
- Cryptography
- Contact author(s)
- yehonatank @ gmail com
- History
- 2019-07-29: last of 4 revisions
- 2016-01-25: received
- Short URL
- https://ia.cr/2016/060
- License
- CC BY