## Abstract

Key agreement is a fundamental security functionality by which pairs of nodes agree on shared keys to be used for protecting their pairwise communications. In this work we study key-agreement schemes that are well-suited for the mobile network environment. Specifically, we describe schemes with the following characteristics:

• Non-interactive: any two nodes can compute a unique shared secret key without interaction;

• Identity-based: to compute the shared secret key, each node only needs its own secret key and the identity of its peer;

• Hierarchical: the scheme is decentralized through a hierarchy where intermediate nodes in the hierarchy can derive the secret keys for each of its children without any limitations or prior knowledge on the number of such children or their identities;

• Resilient: the scheme is fully resilient against compromise of any number of leaves in the hierarchy, and of a threshold number of nodes in each of the upper levels of the hierarchy.

Several schemes in the literature have three of these four properties, but the schemes in this work are the first to possess all four. This makes them well-suited for environments such as MANETs and tactical networks which are very dynamic, have significant bandwidth and energy constraints, and where many nodes are vulnerable to compromise. We provide rigorous analysis of the proposed schemes and discuss implementations aspects.

• Non-interactive: any two nodes can compute a unique shared secret key without interaction;

• Identity-based: to compute the shared secret key, each node only needs its own secret key and the identity of its peer;

• Hierarchical: the scheme is decentralized through a hierarchy where intermediate nodes in the hierarchy can derive the secret keys for each of its children without any limitations or prior knowledge on the number of such children or their identities;

• Resilient: the scheme is fully resilient against compromise of any number of leaves in the hierarchy, and of a threshold number of nodes in each of the upper levels of the hierarchy.

Several schemes in the literature have three of these four properties, but the schemes in this work are the first to possess all four. This makes them well-suited for environments such as MANETs and tactical networks which are very dynamic, have significant bandwidth and energy constraints, and where many nodes are vulnerable to compromise. We provide rigorous analysis of the proposed schemes and discuss implementations aspects.

Original language | English |
---|---|

Title of host publication | Computer Security - ESORICS 2008 |

Subtitle of host publication | Proc. 13th European Symposium on Research in Computer Security |

Publisher | Springer-Verlag |

Pages | 49-65 |

ISBN (Print) | 978-3-540-88313-5 |

DOIs | |

Publication status | Published - 6 Oct 2008 |