Public Key Cryptography Sans Certificates in Ad Hoc Networks

  • Nitesh Saxena
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3989)


Several researchers have proposed the use of threshold cryptographic model to enable secure communication in ad hoc networks without the need of a trusted center. In this model, the system remains secure even in the presence of a certain threshold t of corrupted/malicious nodes.

In this paper, we show how to perform necessary public key operations without node-specific certificates in ad hoc networks. These operations include pair-wise key establishment, signing, and encryption. We achieve this by using Feldman’s verifiable polynomial secret sharing (VSS) as a key distribution scheme and treating the secret shares as the private keys. Unlike in the standard public key cryptography, where entities have independent private/public key pairs, in the proposed scheme the private keys are related (they are points on a polynomial of degree t) and each public key can be computed from the public VSS information and node identifier. We show that such related keys can still be securely used for standard signature and encryption operations (using resp. Schnorr signatures and ElGamal encryption) and for pairwise key establishment, as long as there are no more that t collusions/corruptions in the system.

The proposed usage of shares as private keys can also be viewed as a threshold-tolerant identity-based cryptosystem under standard (discrete logarithm based) assumptions.


Secret Sharing Random Oracle Discrete Logarithm Random Oracle Model Choose Message Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Zhou, L., Haas, Z.J.: Securing Ad Hoc Networks. IEEE Network Magazine 13, 24–30 (1999)CrossRefGoogle Scholar
  2. 2.
    Luo, H., Lu, S.: Ubiquitous and Robust Authentication Services for Ad Hoc Wireless Networks. Technical Report TR-2000, 30, Dept. of Computer Science, UCLA (2000) Available online at:
  3. 3.
    Kong, J., Zerfos, P., Luo, H., Lu, S., Zhang, L.: Providing Robust and Ubiquitous Security Support for MANET. In: IEEE 9th International Conference on Network Protocols (ICNP), pp. 251–260 (2001)Google Scholar
  4. 4.
    Kong, J., Luo, H., Xu, K., Gu, D.L., Gerla, M., Lu, S.: Adaptive Security for Multi-level Ad-hoc Networks. Journal of Wireless Communications and Mobile Computing (WCMC) 2, 533–547 (2002)CrossRefGoogle Scholar
  5. 5.
    Luo, H., Zerfos, P., Kong, J., Lu, S., Zhang, L.: Self-securing Ad Hoc Wireless Networks. In: Seventh IEEE Symposium on Computers and Communications (ISCC 2002) (2002)Google Scholar
  6. 6.
    Narasimha, M., Tsudik, G., Yi, J.H.: On the Utility of Distributed Cryptography in P2P and MANETs: The Case of Membership Control. In: IEEE International Conference on Network Protocol (ICNP), pp. 336–345 (2003)Google Scholar
  7. 7.
    Saxena, N., Tsudik, G., Yi, J.H.: Admission Control in Peer-to-Peer: Design and Performance Evaluation. In: ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN), pp. 104–114 (2003)Google Scholar
  8. 8.
    Saxena, N., Tsudik, G., Yi, J.H.: Identity-based access control for Ad-Hoc groups. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 362–379. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
    Liu, D., Ning, P.: Establishing Pairwise Keys in Distributed Sensor Networks. In: ACM Conference on Computers and Communication Security, pp. 52–61 (2003)Google Scholar
  10. 10.
    Shamir, A.: How to Share a Secret. Communications of the ACM 22, 612–613 (1979)MathSciNetCrossRefMATHGoogle Scholar
  11. 11.
    Feldman, P.: A Practical Scheme for Non-interactive Verifiable Secret Sharing. In: 28th Symposium on Foundations of Computer Science (FOCS), pp. 427–437 (1987)Google Scholar
  12. 12.
    Saxena, N., Tsudik, G., Yi, J.H.: Efficient node admission for short-lived mobile ad hoc networks. In: International Conference on Networking Protocols (ICNP) (2005)Google Scholar
  13. 13.
    Hu, Y.C., Perrig, A., Johnson, D.B.: Ariadne: A secure on-demand routing protocol for ad hoc networks. In: Proceedings of the Eighth ACM International Conference on Mobile Computing and Networking (Mobicom 2002) (2002)Google Scholar
  14. 14.
    Dahill, B., Levine, B., Royer, E., Shields, C.: A secure routing protocol for ad hoc networks. Technical Report UM-CS-2001-037, University of Massachusetts (2001)Google Scholar
  15. 15.
    Hills, R.: Sensing for danger. Science Technology Report (2001) Available at:
  16. 16.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of applied cryptography. CRC Press series on discrete mathematics and its applications (1997) ISBN 0-8493-8523-7Google Scholar
  17. 17.
    Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  18. 18.
    Bazzi, R.A., Konjevod, G.: On the establishment of distinct identities in overlay networks. In: Principles of Distributed Computing (PODC) (2005)Google Scholar
  19. 19.
    Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: ACM Conference on Computer and Communications Security, pp. 62–73 (1993)Google Scholar
  20. 20.
    Bellare, M., Rogaway, P.: The Exact Security of Digital Signatures - How to Sign with RSA and Rabin. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 399–416. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  21. 21.
    ElGamal: A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions in Information Theory IT-31, 469–472 (1999)MathSciNetMATHGoogle Scholar
  22. 22.
    Schnorr, C.P.: Efficient Signature Generation by Smart Cards. Journal of Cryptology 4, 161–174 (1991)CrossRefMATHGoogle Scholar
  23. 23.
    Pointcheval, D., Stern, J.: Security Proofs for Signature Schemes. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 387–398. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  24. 24.
    Goldwasser, S., Micali, S., Rivest, R.L.: A “paradoxical” solution to the signature problem. In: IEEE Annual Symposium of Foundations of Computer Science (FOCS 1984), pp. 441–448 (1984)Google Scholar
  25. 25.
    Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17, 281–308 (1988)MathSciNetCrossRefMATHGoogle Scholar
  26. 26.
    Möller, B.: Algorithms for multi-exponentiation. Selected Areas in Cryptography, 165–180 (2001)Google Scholar
  27. 27.
    Maurer, U.M., Wolf, S.: Diffie-Hellman Oracles. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 268–282. Springer, Heidelberg (1996)Google Scholar
  28. 28.
    Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28, 270–299 (1989)MathSciNetCrossRefMATHGoogle Scholar
  29. 29.
    Baudron, O., Pointcheval, D., Stern, J.: Extended Notions of Security for Multicast Public Key Cryptosystems. In: Welzl, E., Montanari, U., Rolim, J.D.P. (eds.) ICALP 2000. LNCS, vol. 1853, pp. 499–511. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  30. 30.
    Bellare, M., Boldyreva, A., Micali, S.: Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 259–274. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  31. 31.
    Bellare, M., Boldyreva, A., Palacio, A.: An uninstantiable random-oracle-model scheme for a hybrid-encryption problem. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 171–188. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  32. 32.
    Fujisaki, E., Okamoto, T.: Secure Integration of Asymmetric and Symmetric Encryption Schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 537–554. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  33. 33.
    Cha, J., Cheon, J.: An Identity-Based Signature from Gap Diffie-Hellman Groups. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 18–30. Springer, Heidelberg (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Nitesh Saxena
    • 1
  1. 1.School of Information and Computer ScienceUniversity of CaliforniaIrvineUSA

Personalised recommendations