The Community for Technology Leaders
RSS Icon
Subscribe
Orcas Island, WA
Aug. 1, 2005 to Aug. 1, 2005
ISBN: 0-7695-2439-7
pp: 61-68
Anthony J. Nicholson , University of Michigan, USA
Junghee Han , Ohio State University, USA
David Watson , University of Michigan, USA
Brian D. Noble , University of Michigan, USA
ABSTRACT
Despite years of research on security and cryptography, the vast majority of Internet communications are still unencrypted. We argue the blame lies not with users but with the tools they have available to them. Securing a communication channel with encryption is easy - the hard part is distributing keys in the first place. Current solutions rely ultimately on user actions - verification of encryption keys by inspecting either fingerprints or certificates. <p>Instead, we present a model in which keys are established insecurely and automatically confirmed by exchanging cryptographic hashes of the key. To thwart an active attacker, hashes must travel over some path the attacker does not control. To do so, we exploit users? everyday mobility, plus the capabilities of an overlay network, to resend hashes from diverse access points. Initial simulation and field results support our claim that this generates routes sufficiently diverse to foil all but the most powerful attackers, without requiring explicit action on the part of users.</p>
INDEX TERMS
null
CITATION
Anthony J. Nicholson, Junghee Han, David Watson, Brian D. Noble, "Exploiting Mobility for Key Establishment", WMCSA, 2006, Proceedings 2006. 7th IEEE Workshop on Mobile Computing Systems and Applications, Proceedings 2006. 7th IEEE Workshop on Mobile Computing Systems and Applications 2006, pp. 61-68, doi:10.1109/WMCSA.2006.9
14 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool