Abstract
This article presents an efficient public-key protocol for mutual authentication and key exchange designed for third generation mobile communications systems. The paper also demonstrates how a micropayment scheme can be integrated into the authentication protocol; this payment protocol allows for the provision of incontestable charging. The problem of establishing authenticated public keys through cross-certification is addressed.
F.W.O. postdoctoral researcher, sponsored by the Fund for Scientific Research, Flanders (Belgium).
Chapter PDF
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
R. Anderson, H. Manifavas, C. Sutherland. “A practical electronic cash system.” Available from http://www.cl.cam.ac.uk/users/rja14/
A. Aziz, W. Diffie, “Privacy and Authentication for Wireless Local Area Networks,” IEEE Personal Communications, 1st Q 1994, pp. 25–31.
M.J. Beller, Y. Yacobi, “Authentication and key agreement protocol for PCS,” Joint experts meeting on privacy and authentication for PCS, P&A JEM/93012, Nov. 8, 1993.
W. Diffie, M.E. Hellman, “New directions in cryptography,” IEEE Trans. on Information Theory, Vol. IT-22, No. 6, 1976, pp. 644–654.
W. Diffie, P. van Oorschot, M. Wiener, “Authentication and authenticated key exchanges,” Design, Codes and Cryptography, Vol. 2, 1992, pp. 107–125.
H. Dobbertin, A. Bosselaers, B. Preneel, “RIPEMD-160: a strengthened version of RIPEMD,” Fast Software Encryption, LNCS 1039, D. Gollmann, Ed., Springer-Verlag, 1996, pp. 71–82.
T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms,” IEEE Trans. on Information Theory, Vol. IT-31, No. 4, 1985, pp. 469–472.
ETSI ETS GSM 02.09, “European Digital Cellular Telecommunications System (Phase 2); Security Aspects,” Version 4.2.4, September 1994.
ETSI ETS 300175-7, “DECT Common Interface, Part 7: Security Features,” October 1992.
ETSI ETR 33.20, “Security Principles for the Universal Mobile Telecommunications System (UMTS),” Draft 1, 1997.
ETSI SMG SG DOC 73/95, “A public key based protocol for UMTS providing mutual authentication and key agreement”.
FIPS 180-1, “Secure Hash Standard,” Federal Information Processing Standard (FIPS), Publication 180-1, National Institute of Standards and Technology, US Department of Commerce, Washington D.C., April 1995.
R. Hauser, M. Steiner, M. Waidner, “Micro-payments based on iKP,” Presented at SECURICOM 96. Available from http://www.zurich.ibm.com.
ISO/IEC 9796-2, “Information technology — Security techniques — Digital signature schemes giving message recovery, Part 2: Mechanisms using a hash-function,“ 1997.
ISO/IEC 10118, “Information technology — Security techniques — Hash-functions, Part 1: General,” 1994, “Part 2: Hash-functions using an n-bit block cipher algorithm,” 1994, “Part 3: Dedicated hash-functions,” 1998.
ISO/IEC 11770-3, “Information technology — Security techniques — Key man-agement, Part 3: Mechanisms using asymmetric techniques,” 1997.
ISO/IEC FCD 14888-3, “Information technology — Security techniques — Digital signature with appendix, Part 3: Certificate-based mechanisms”, 1997.
ITU-T Recommendations X.509, “Authentication Framework,” Geneva 1989.
ITU, “Security Principles for Future Public Land Mobile Telecommunication Systems,” Rec. ITU-R M. 1078.
C.S. Jutla, M. Yung, “Paytree: amortised-signature for flexible micropayments,” Proc. of Second USENIX Association Workshop on Electronic Commerce, November 1996, pp. 213–221.
L.R. Knudsen, B. Preneel, “One-way functions for tick payments,” in preparation.
L. Lamport, “Password authentication with insecure communication,” Communications of the ACM, Vol. 24, 1981, pp. 770–772.
H. Lin, L. Harn, “Authentication in Wireless Communications,” Proc. GLOBECOM 1993.
K.M. Martin, B. Preneel, C.J. Mitchell, H.J. Hitz, G. Horn, A. Poliakova, P. Howard, “Secure billing for mobile information services in UMTS,” Proc. IS&N’98, to appear.
A. Menezes, “Elliptic Curve Public Key Cryptosystems”, Kluwer Academic Publishers, Boston, 1993.
A. Menezes, P. van Oorschot, S. Vanstone, “Handbook of Applied Cryptography”, CRC Press, Boca Raton, 1997.
T. Pedersen, “Electronic payments of small amounts,” Security Protocols, LCNS 1361, M. Lomas, Ed., Springer-Verlag, 1997, pp. 59–68. See also DAIMI PB-495, Computer Science Department, Aarhus University, August 1995.
R.L. Rivest, A. Shamir, “PayWord and MicroMint: two simple micropayment schemes,” Security Protocols, LCNS 1361, M. Lomas, Ed., Springer-Verlag, 1997, pp. 69–87.
R. Rueppel, P. van Oorschot, “Modern key agreement techniques,” Computer Comm., Vol. 17, No. 7, July 1994.
UMTS Forum, “A regulatory framework for UMTS,” Report no. 1, 1997.
M. Wiener, “Performance comparisons of public-key cryptosystems,” Presented at the 1998 RSA Data Security Conference, San Francisco, January 12–16, 1998.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Horn, G., Preneel, B. (1998). Authentication and payment in future mobile systems. In: Quisquater, JJ., Deswarte, Y., Meadows, C., Gollmann, D. (eds) Computer Security — ESORICS 98. ESORICS 1998. Lecture Notes in Computer Science, vol 1485. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0055870
Download citation
DOI: https://doi.org/10.1007/BFb0055870
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65004-1
Online ISBN: 978-3-540-49784-4
eBook Packages: Springer Book Archive