The Community for Technology Leaders
Green Image
Issue No. 12 - December (2010 vol. 9)
ISSN: 1536-1233
pp: 1666-1681
Hung-Min Sun , National Tsing Hua University, Taiwan
Hsu-Chun Hsiao , Carnegie Mellon University, Pittsburgh
Li-Hsiang Kuo , Academia Sinica, Taiwan
King-Hang Wang , National Tsing Hua University, Taiwan
Yao-Hsin Chen , National Tsing Hua University, Taiwan
Jonathan M. McCune , Carnegie Mellon University, Pittsburgh
Phen-Lan Lin , Providence University, Taiwan
Ahren Studer , Carnegie Mellon University, Pittsburgh
Jason Lee , Carnegie Mellon University, Pittsburgh
Yue-Hsun Lin , National Tsing Hua University, Taiwan
Maxwell Krohn , Carnegie Mellon University, Pittsburgh
Adrian Perrig , Carnegie Mellon University, Pittsburgh
Bo-Yin Yang , Academia Sinica, Taiwan
ABSTRACT
Establishing trust between a group of individuals remains a difficult problem. Prior works assume trusted infrastructure, require an individual to trust unknown entities, or provide relatively low probabilistic guarantees of authenticity (95 percent for realistic settings). This work presents SPATE, a primitive that allows users to establish trust via mobile devices and physical interaction. Once the SPATE protocol runs to completion, its participants' mobile devices have authentic data that their applications can use to interact securely (i.e., the probability of a successful attack is 2^{-24}). For this work, we leverage SPATE as part of a larger system to facilitate efficient, secure, and user-friendly collaboration via e-mail, file-sharing, and text messaging services. Our implementation of SPATE on Nokia N70 smartphones allows users to establish trust in small groups of up to eight users in less than one minute. The example SPATE applications provide increased security with little overhead noticeable to users once keys are established.
INDEX TERMS
Authentication, security, human factors.
CITATION
Hung-Min Sun, Hsu-Chun Hsiao, Li-Hsiang Kuo, King-Hang Wang, Yao-Hsin Chen, Jonathan M. McCune, Phen-Lan Lin, Ahren Studer, Jason Lee, Yue-Hsun Lin, Maxwell Krohn, Adrian Perrig, Bo-Yin Yang, "SPATE: Small-Group PKI-Less Authenticated Trust Establishment", IEEE Transactions on Mobile Computing, vol. 9, no. , pp. 1666-1681, December 2010, doi:10.1109/TMC.2010.150
98 ms
(Ver 3.1 (10032016))