Frequently, communication between two principals reveals their identities and presence to third parties. These privacy breaches can occur even if security protocols are in use; indeed, they may even be caused by security protocols. However, with some care, security protocols can provide authentication for principals that wish to communicate while protecting them from monitoring by third parties. This paper discusses the problem of private authentication and presents two protocols for private authentication of mobile principals. In particular, our protocols allow two mobile principals to communicate when they meet at a location if they wish to do so, without the danger of tracking by third parties. The protocols do not make the (dubious) assumption that the principals share a long-term secret or that they get help from an infrastructure of ubiquitous on-line authorities.
KeywordsAuthentication Protocol Security Protocol Cryptographic Protocol Encrypt Message Broadcast Encryption
Unable to display preview. Download preview PDF.
- 1.Martín Abadi and Andrew D. Gordon. A calculus for cryptographic protocols: The spi calculus. Information and Computation, 148(1):1–70, January 1999. An extended version appeared as Digital Equipment Corporation Systems Research Center report No. 149, January 1998.Google Scholar
- 2.Martín Abadi and Roger Needham. Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering, 22(1):6–15, January 1996.Google Scholar
- 3.Martín Abadi and Phillip Rogaway. Reconciling two views of cryptography (The computational soundness of formal encryption). In Proceedings of the First IFIP International Conference on Theoretical Computer Science, volume 1872 of Lecture Notes in Computer Science, pages 3–22. Springer-Verlag, August 2000.Google Scholar
- 5.Mihir Bellare, Alexandra Boldyreva, Anand Desai, and David Pointcheval. Anonymous encryption. Unpublished manuscript, 2000.Google Scholar
- 6.V. Bharghavan and C. V. Ramamoorthy. Security issues in mobile communications. In Proceedings of the Second International Symposium on Autonomous Decentralized Systems, pages 19–24, 1995.Google Scholar
- 7.Specification of the Bluetooth system (core, v1.0b). On the Web at http://www.bluetooth.com, December 1, 1999.
- 8.Jan Camenisch and Anna Lysyanskaya. An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In Birgit Pfitzmann, editor, Advances in Cryptology—EUROCRYPT 2001, volume 2045 of Lecture Notes in Computer Science, pages 93–118. Springer-Verlag, 2001.CrossRefGoogle Scholar
- 9.Luca Cardelli. Mobility and security. In F.L. Bauer and R. Steinbrueggen, editors, Foundations of Secure Computation, NATO Science Series, pages 1–37. IOS Press, 2000. Volume for the 20th International Summer School on Foundations of Secure Computation, held in Marktoberdorf, Germany (1999).Google Scholar
- 10.David Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the Association for Computing Machinery, 24(2):84–88, February 1981.Google Scholar
- 11.Dorothy E. Denning and Giovanni Maria Sacco. Timestamps in key distribution protocols. Communications of the ACM, 24(7):533–535, August 1981.Google Scholar
- 12.C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. SPKI certificate theory. On the Web at http://www.ietf.cnri.reston.va.us/rfc/rfc2693.txt, September 1999.
- 13.Hannes Federrath, Anja Jerichow, and Andreas Pfitzmann. MIXes in mobile communication systems: Location management with privacy. In Ross J. Anderson, editor, Information hiding: First international workshop, volume 1174 of Lecture Notes in Computer Science, pages 121–135. Springer-Verlag, 1996.Google Scholar
- 14.Alan O. Freier, Philip Karlton, and Paul C. Kocher. The SSL protocol: Version 3.0. On the Web at http://home.netscape.com/newsref/std/SSL.html, March 1996.
- 15.Shafi Goldwasser and Silvio Micali. Probabilistic encryption. Journal of Computer and System Sciences, 28:270–299, April 1984.Google Scholar
- 16.Markus Jakobsson. Privacy vs. Authenticity. PhD thesis, University of California, San Diego, 1997.Google Scholar
- 17.Markus Jakobsson, Kazue Sako, and Russell Impagliazzo. Designated verifier proofs and their applications. In Ueli Maurer, editor, Advances in Cryptology— EUROCRYPT 96, volume 1070 of Lecture Notes in Computer Science, pages 143–154. Springer-Verlag, 1996.Google Scholar
- 19.Hugo Krawczyk. SKEME: A versatile secure key exchange mechanism for internet. In Proceedings of the Internet Society Symposium on Network and Distributed Systems Security, February 1996. Available at http://bilbo.isu.edu/sndss/sndss96.html.
- 20.Butler Lampson, Martín Abadi, Michael Burrows, and Edward Wobber. Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems, 10(4):265–310, November 1992.Google Scholar
- 22.Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone. Handbook of Applied Cryptography. CRC Press, 1996.Google Scholar
- 23.Refik Molva, Didier Samfat, and Gene Tsudik. Authentication of mobile users. IEEE Network, 8(2):26–35, March/April 1994.Google Scholar
- 24.Roger M. Needham and Michael D. Schroeder. Using encryption for authentication in large networks of computers. Communications of the ACM, 21(12):993–999, December 1978.Google Scholar
- 25.L. C. Paulson. The inductive approach to verifying cryptographic protocols. Journal of Computer Security, 6(1–2):85–128, 1998.Google Scholar
- 26.Andreas Pfitzmann and Michael Waidner. Networks without user observability. Computers and Security, 6(2):158–166, April 1987.Google Scholar
- 27.Charles Rackoff and Daniel R. Simon. Cryptographic defense against traffic analysis. In Proceedings of the Twenty-Fifth Annual ACM Symposium on the Theory of Computing, pages 672–681, 1993.Google Scholar
- 28.Michael G. Reed, Paul F. Syverson, and David M. Goldschlag. Protocols using anonymous connections: Mobile applications. In B. Christianson, B. Crispo, M. Lomas, and M. Roe, editors, Security Protocols: 5th International Workshop, volume 1361 of Lecture Notes in Computer Science, pages 13–23. Springer-Verlag, 1997.CrossRefGoogle Scholar
- 30.Didier Samfat, Refik Molva, and N. Asokan. Untraceability in mobile networks. In Proceedings of the First Annual International Conference on Mobile Computing and Networking (MobiCom 1995), pages 26–36, 1995.Google Scholar
- 32.Alex C. Snoeren and Hari Balakrishnan. An end-to-end approach to host mobility. In Proceedings of the Sixth Annual International Conference on Mobile Computing and Networking (MobiCom 2000), pages 155–166, 2000.Google Scholar
- 33.Yongguang Zhang and Wenke Lee. Intrusion detection in wireless ad-hoc networks. In Proceedings of the Sixth Annual ACM/IEEE International Conference on Mobile Computing and Networking (MobiCom 2000), pages 275–283, 2000.Google Scholar