The Community for Technology Leaders
RSS Icon
Issue No.12 - December (2010 vol.9)
pp: 1666-1681
Yue-Hsun Lin , National Tsing Hua University, Taiwan
Ahren Studer , Carnegie Mellon University, Pittsburgh
Yao-Hsin Chen , National Tsing Hua University, Taiwan
Hsu-Chun Hsiao , Carnegie Mellon University, Pittsburgh
Li-Hsiang Kuo , Academia Sinica, Taiwan
Jason Lee , Carnegie Mellon University, Pittsburgh
Jonathan M. McCune , Carnegie Mellon University, Pittsburgh
King-Hang Wang , National Tsing Hua University, Taiwan
Maxwell Krohn , Carnegie Mellon University, Pittsburgh
Phen-Lan Lin , Providence University, Taiwan
Adrian Perrig , Carnegie Mellon University, Pittsburgh
Hung-Min Sun , National Tsing Hua University, Taiwan
Bo-Yin Yang , Academia Sinica, Taiwan
Establishing trust between a group of individuals remains a difficult problem. Prior works assume trusted infrastructure, require an individual to trust unknown entities, or provide relatively low probabilistic guarantees of authenticity (95 percent for realistic settings). This work presents SPATE, a primitive that allows users to establish trust via mobile devices and physical interaction. Once the SPATE protocol runs to completion, its participants' mobile devices have authentic data that their applications can use to interact securely (i.e., the probability of a successful attack is 2^{-24}). For this work, we leverage SPATE as part of a larger system to facilitate efficient, secure, and user-friendly collaboration via e-mail, file-sharing, and text messaging services. Our implementation of SPATE on Nokia N70 smartphones allows users to establish trust in small groups of up to eight users in less than one minute. The example SPATE applications provide increased security with little overhead noticeable to users once keys are established.
Authentication, security, human factors.
Yue-Hsun Lin, Ahren Studer, Yao-Hsin Chen, Hsu-Chun Hsiao, Li-Hsiang Kuo, Jason Lee, Jonathan M. McCune, King-Hang Wang, Maxwell Krohn, Phen-Lan Lin, Adrian Perrig, Hung-Min Sun, Bo-Yin Yang, "SPATE: Small-Group PKI-Less Authenticated Trust Establishment", IEEE Transactions on Mobile Computing, vol.9, no. 12, pp. 1666-1681, December 2010, doi:10.1109/TMC.2010.150
[1] A. Whitten and J. Tygar, “Why Johnny Can't Encrypt,” Proc. USENIX Security Symp., Aug. 1999.
[2] S. Sheng, L. Broderick, J. Hyland, and C. Koranda, “Why Johnny Still Can't Encrypt: Evaluating the Usability of Email Encryption Software,” Proc. Symp. Usable Privacy and Security, 2006.
[3] S. Gaw, E.W. Felten, and P. Fernandez-Kelly, “Secrecy, Flagging, and Paranoia: Adoption Criteria in Encrypted Email,” Proc. SIGCHI Conf. Human Factors in Computing Systems, pp. 591-600, 2006.
[4] N.S. Good and A. Krekelberg, “Usability and Privacy: A Study of Kazaa P2P File-Sharing,” Proc. SIGCHI Conf. Human Factors in Computing Systems (CHI '03), 2003.
[5] C. Castelluccia and P. Mutaf, “Shake Them Up! A Movement-Based Pairing Protocol for CPU-Constrained Devices,” Proc. ACM/Usenix MobiSys, 2005.
[6] J. Lester, B. Hannaford, and B. Gaetano, “Are You with Me?—Using Accelerometers to Determine if Two Devices are Carried by the Same Person,” Proc. Second Int'l Conf. Pervasive Computing, 2004.
[7] C. Soriente, G. Tsudik, and E. Uzun, “BEDA: Button-Enabled Device Association,” Proc. Int'l Workshop Security for Spontaneous Interaction (IWSSI), 2007.
[8] J.M. McCune, A. Perrig, and M.K. Reiter, “Seeing-Is-Believing: Using Camera Phones for Human-Verifiable Authentication,” Proc. IEEE Symp. Security and Privacy, May 2005.
[9] C. Soriente, G. Tsudik, and E. Uzun, “HAPADEP: Human Assisted Pure Audio Device Pairing,” Proc. Information Security Conf. (ISC), Sept. 2007.
[10] C. Ellison and S. Dohrmann, “Public-Key Support for Group Collaboration,” ACM Trans. Information and System Security, vol. 6, no. 4, pp. 547-565, 2003.
[11] A. Perrig and D. Song, “Hash Visualization: A New Technique to Improve Real-World Security,” Proc. Int'l Workshop Cryptographic Techniques and E-Commerce (CrypTEC '99), M. Blum and C. H. Lee, eds., pp. 131-138, Jul. 1999.
[12] M. Burmester and Y. Desmedt, “Efficient and Secure Conference Key Distribution,” Proc. Int'l Workshop Security Protocols, pp. 119-129, Apr. 1997.
[13] S. Capkun, J.-P. Hubaux, and L. Buttyan, “Mobility Helps Security in Ad Hoc Networks,” Proc. ACM MobiHoc, 2003.
[14] M. Just and S. Vaudenay, “Authenticated Multi-Party Key Agreement,” Proc. Advances in Cryptology (ASIACRYPT), pp. 36-49, 1996.
[15] Y. Kim, A. Perrig, and G. Tsudik, “Simple and Fault-Tolerant Key Agreement for Dynamic Collaborative Groups,” Proc. ACM Conf. Computer and Comm. Security (CCS), pp. 235-244, Nov. 2000.
[16] D. Steer, L. Strawczynski, W. Diffie, and M. Wiener, “A Secure Audio Teleconference System,” Proc. Advances in Cryptology (Crypto '90), pp. 520-528, 1990.
[17] M. Steiner, G. Tsudik, and M. Waidner, “Key Agreement in Dynamic Peer Groups,” IEEE Trans. Parallel and Distributed Systems, vol. 11, no. 8, pp. 769-780, Aug. 2000.
[18] W.-G. Tzeng and Z. Tzeng, “Round-Efficient Conference-Key Agreement Protocols with Provable Security,” Proc. Advances in Cryptology (ASIACRYPT), pp. 614-628, 2000.
[19] V.A. Brennen, “The Keysigning Party HOWTO,” http://cryptnet. net/fdp/crypto/keysigning_party/ enkeysigning_party.html, Jan. 2008.
[20] N. Asokan and P. Ginzboorg, “Key-Agreement in Ad-Hoc Networks,” Computer Comm., vol. 23, no. 17, pp. 1627-1637, Nov. 2000.
[21] D. Balfanz, D.K. Smetters, P. Stewart, and H.C. Wong, “Talking to Strangers: Authentication in Ad-Hoc Wireless Networks,” Proc. Ninth Ann. Network and Distributed System Security Symp. (NDSS), 2002.
[22] M. Cagalj, S. Capkun, and J.-P. Hubaux, “Key Agreement in Peer-to-Peer Wireless Networks,” Proc. IEEE, special issue on cryptography, vol. 94, no. 2, pp. 467-478, Feb. 2006.
[23] NFC Forum, “NFC Forum: Specifications,” http://www.nfc- forum.orgspecs, 2010.
[24] F. Stajano and R.J. Anderson, “The Resurrecting Duckling: Security Issues for Ad-Hoc Wireless Networks,” Proc. Security Protocols Workshop, pp. 172-194, 1999.
[25] E. Uzun, K. Karvonen, and N. Asokan, “Usability Analysis of Secure Pairing Methods,” Proc. Int'l Conf. Usable Security (USEC), Feb. 2007.
[26] C.-H.O. Chen, C.-W. Chen, C. Kuo, Y.-H. Lai, J.M. McCune, A. Studer, A. Perrig, B.-Y. Yang, and T.-C. Wu, “GAnGS: Gather Authenticate 'n Group Securely,” Proc. ACM MobiCom, Sept. 2008.
[27] C. Kuo, “Reduction of End User Errors in the Design of Scalable, Secure Communication,” PhD dissertation, Carnegie Mellon Univ., 2008.
[28] J. Linksky et al., “Simple Pairing Whitepaper, Revision v10r00,” 0SimplePairing_WP_V10r00.pdf , Aug. 2006.
[29] S. Laur and K. Nyberg, “Efficient Mutual Data Authentication Using Manually Authenticated Strings,” Proc. Cryptology and Network Security (CANS), pp. 90-107, 2006.
[30] “Wi-Fi Protected Setup Specification,” WiFi Alliance Document, 2007.
[31] B. Ford, J. Strauss, C. Lesniewski-Laas, S. Rhea, F. Kaashoek, and R. Morris, “Persistent Personal Names for Globally Connected Mobile Devices,” Proc. Seventh USENIX Symp. Operating Systems Design and Implementation (OSDI), Nov. 2006.
[32] M.T. Goodrich, M. Sirivianos, J. Solis, G. Tsudik, and E. Uzun, “Loud and Clear: Human-Verifiable Authentication Based on Audio,” Proc. Int'l Conf. Distributed Computing (ICDCS), p. 10, 2006.
[33] C. Glasbey, G. van der Heijden, V.F.K. Toh, and A. Gray, “Colour Displays for Categorical Images,” Color Research and Application, vol. 32, no. 4, pp. 304-309, June 2007.
[34] S. Vaudenay, “Secure Communications over Insecure Channels Based on Short Authenticated Strings,” Proc. Advances in Cryptology (Crypto), pp. 309-326, 2005.
[35] L.E. Holmquist, F. Mattern, B. Schiele, P. Alahuhta, M. Beigl, and H.-W. Gellersen, “Smart-Its Friends: A Technique for Users to Easily Establish Connections between Smart Artefacts,” Proc. Int'l Symp. Ubiquitous Computing (Ubicomp), 2001.
[36] J. Valkonen, N. Asokan, and K. Nyberg, “Ad Hoc Security Associations for Groups,” Proc. Security and Privacy in Ad-Hoc and Sensor Networks (ESAS), pp. 150-164, 2006.
[37] M. Abdalla, E. Bresson, O. Chevassut, and D. Pointcheval, “Password-Based Group Key Exchange in a Constant Number of Rounds,” Proc. Public Key Cryptography (PKC), pp. 427-442, 2006.
[38] A. Shamir, “Identity-Based Cryptosystems and Signature Schemes,” Proc. Advances in Cryptology, pp. 47-53, 1984.
[39] D. Boneh and M. Franklin, “Identity-Based Encryption from the Weil Pairing,” Proc. Advances in Cryptology (CRYPTO '01), pp. 213-229, 2001.
[40] S.N. Foley and J. Jacob, “Specifying Security for CSCW Systems,” Proc. Eighth IEEE Workshop Computer Security Foundations, 1995.
[41] M. Blum, “Coin Flipping by Telephone,” Proc. Advances in Cryptography, pp. 11-15, Aug. 1982.
[42] M. Jakobsson, “Issues in Security and Privacy,” Lecture Slides, i400, 2006.
[43] Y.-H. Lin, A. Studer, H.-C. Hsiao, J.M. McCune, K.-H. Wang, M. Krohn, P.-L. Lin, A. Perrig, H.-M. Sun, and B.-Y. Yang, “SPATE: Small-Group PKI-Less Authenticated Trust Establishment,” Proc. ACM MobiSys, June 2009.
[44] T. Howes and M. Smith, “A MIME Content-Type for Directory Information,” IETF RFC 2425, Sept. 1998.
[45] Mozilla, “Thunderbird 2,”, Dec. 2008.
[46] B. Cohen, “Bittorrent,” http:/, Apr. 2001.
[47] D. Houston and A. Ferdowsi, “Dropbox,” https:/www.getdrop, Sept. 2008.
[48] N. Zennström, J. Friis, and P. Kasesalu, “KaZaA Media Desktop,” http:/, Mar. 2001.
[49] M. Szeredi, “SSH Filesystem,” http://fuse.sourceforge.netsshfs. html, Jan. 2005.
[50] MDA: Mobile Data Assoc., “The Q1 2008 UK Mobile Trends Report,” http://www.swiftcrm.netMDA_Q1_2008_UK_mobile_ report.pdf , 2009.
[51] A. Grillo, A. Lentini, G. Me, and G.F. Italiano, “Transaction Oriented Text Messaging with Trusted-SMS,” Proc. Ann. Computer Security Applications Conf., pp. 485-494, 2008.
[52] Kryptext, “Kryptext—Offers Software to Encrypt SMS Text Messages from Mobile to PC,” http:/, 2010.
[53] CryptoSMS, “CryptoSMS—Protecting Your Confidential SMS Messages,” http:/, 2008.
[54] D. Scott, R. Sharp, A. Madhavapeddy, and E. Upton, “Using Visual Tags to Bypass Bluetooth Device Discovery,” ACM Mobile Computer Comm. Rev., vol. 9, no. 1, pp. 41-53, Jan. 2005.
[55] M. Rohs and B. Gfeller, “Using Camera-Equipped Mobile Phones for Interacting with Real-World Objects,” Proc. Advances in Pervasive Computing, pp. 265-271, Apr. 2004.
[56] M.J. Cox and R.S. Engelschall, “OpenSSL: Open Source Toolkit Implementing for SSL/TLS,” http:/, May 1999.
[57] B. Ramsdell, “Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification,” IETF RFC 3851, July 2004.
[58] “Scponly,” http://sublimation.orgscponly, 2009.
[59] M. Bellare and C. Namprempre, “Authenticated Encryption: Relations Among Notions and Analysis of the Generic Composition Paradigm,” Proc. Advances in Cryptology (ASIACRYPT '00), pp.531-545, 2000.
[60] H. Krawczyk, “The Order of Encryption and Authentication for Protecting Communications (Or: How Secure is SSL?),” Proc. Advances in Cryptology (CRYPTO '01), pp. 310-331, 2001.
13 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool