Issue No. 01 - January (2006 vol. 5)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TMC.2006.12
Srdjan Capkun , IEEE Computer Society
Jean-Pierre Hubaux , IEEE Computer Society
We propose a straightforward technique to provide peer-to-peer security in mobile networks. We show that far from being a hurdle, mobility can be exploited to set up security associations among users. We leverage on the temporary vicinity of users, during which appropriate cryptographic protocols are run. We illustrate the operation of the solution in two scenarios, both in the framework of mobile ad hoc networks. In the first scenario, we assume the presence of an offline certification authority and we show how mobility helps to set up security associations for secure routing; in this case, the security protocol runs over one-hop radio links. We further show that mobility can be used for the periodic renewal of vital security information (e.g., the distribution of hash chain/Merkle tree roots). In the second scenario, we consider fully self-organized security: Users authenticate each other by visual contact and by the activation of an appropriate secure side channel of their personal device; we show that the process can be fuelled by taking advantage of trusted acquaintances. We then show that the proposed solution is generic: It can be deployed on any mobile network and it can be implemented either with symmetric or with asymmetric cryptography. We provide a performance analysis by studying the behavior of the solution in various scenarios.
Index Terms- Mobile ad hoc networks, network-level security and protection.
J. Hubaux, L. Butty? and S. Capkun, "Mobility Helps Peer-to-Peer Security," in IEEE Transactions on Mobile Computing, vol. 5, no. , pp. 43-51, 2006.