Issue No. 3, March 2014 (vol. 13)

pp. 469-481

Basel Alomair , Computer Research Institute (CRI), King Abdulaziz City for Science and Technology (KACST), Saudi Arabia

Radha Poovendran , University of Washington, Seattle

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TMC.2012.252

ABSTRACT

With today's technology, many applications rely on small devices that can exchange information and form communication networks. In a significant portion of such applications, the confidentiality and integrity of the communicated messages are of particular interest. In this work, we propose two novel techniques for authenticating short encrypted messages that are designed to meet the requirements of mobile and pervasive applications. By taking advantage of the fact that the message to be authenticated must also be encrypted, we propose provably secure authentication codes that are more efficient than any message authentication code in the literature. The key idea behind the proposed techniques is to utilize the security that the encryption algorithm already provides in order to design more efficient authentication mechanisms, as opposed to using standalone authentication primitives.
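As an added illustration of the building block behind the "universal hash-function families" and "unconditional security" index terms (this is not the paper's own construction, which the abstract does not describe): a Carter-Wegman style one-time authentication code over the linear universal hash family modulo a prime, checked exhaustively for a small prime so that the 1/p forgery bound and its one-key-per-message caveat can be seen directly. The message encoding, the sensor-reading sample and the Mersenne prime are assumptions for the demo.

```python
# Added example, not from the paper: a Carter-Wegman style one-time
# authentication code over the universal hash family
#   h_{a,b}(m) = (a*m + b) mod p,  a, b uniform in Z_p, p prime,
# the kind of primitive behind the "universal hash-function families" and
# "unconditional security" index terms. Checked exhaustively for a small p.
from fractions import Fraction
import secrets

def keygen(p):
    """Fresh one-time key (a, b), uniform in Z_p x Z_p."""
    return secrets.randbelow(p), secrets.randbelow(p)

def tag(m, key, p):
    """Tag a short message m, encoded as an integer in [0, p)."""
    a, b = key
    return (a * m + b) % p

def verify(m, t, key, p):
    return tag(m, key, p) == t

def consistent_keys(observations, p):
    """Keys in Z_p^2 producing every observed (message, tag) pair. One pair
    leaves p candidates (the tag leaks nothing about the key); two pairs with
    distinct messages leave exactly one, which is why a key is used once."""
    return [(a, b) for a in range(p) for b in range(p)
            if all(tag(m, (a, b), p) == t for m, t in observations)]

def max_forgery_probability(p):
    """Best chance, over the key's distribution, of producing a valid tag t2
    for some m2 != m after seeing one valid pair (m, t): exactly 1/p, with no
    assumption on the adversary's computing power."""
    best = Fraction(0)
    for m in range(p):
        for t in range(p):
            keys = consistent_keys([(m, t)], p)          # exactly p keys
            for m2 in range(p):
                for t2 in range(p):
                    if m2 != m:
                        hits = sum(1 for k in keys if tag(m2, k, p) == t2)
                        best = max(best, Fraction(hits, len(keys)))
    return best

if __name__ == "__main__":
    p = 2**61 - 1                        # Mersenne prime: one reduction per tag
    key = keygen(p)
    m = int.from_bytes(b"t=21.5C", "big")   # constructed 7-byte reading, < p
    t = tag(m, key, p)
    print("verify:", verify(m, t, key, p), "tampered:", verify(m ^ 1, t, key, p))
    print("forgery probability, p=7:", max_forgery_probability(7))
    seen = [(2, tag(2, (3, 4), 7)), (5, tag(5, (3, 4), 7))]   # same key twice
    print("keys left after two tags, p=7:", len(consistent_keys(seen, 7)))
```

Run as a script to see the exhaustive 1/7 bound and the key collapsing to a single candidate once two messages share a key.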

INDEX TERMS

Encryption, Authentication, Message authentication, Algorithm design and analysis, Pervasive computing, Unconditional security, Computational security, Universal hash-function families

CITATION

Basel Alomair, Radha Poovendran, "Efficient Authentication for Mobile and Pervasive Computing," *IEEE Transactions on Mobile Computing*, vol. 13, no. 3, pp. 469-481, March 2014, doi:10.1109/TMC.2012.252