Abstract-The wireless and dynamic nature of mobile ad hoc networks (MANETs) leaves them more vulnerable to security attacks than their wired counterparts. The nodes act both as routers and communication end-points. This makes the network layer more prone to security attacks. A main challenge is to judge whether a routing message originates from a trustworthy node or not. The solution so far is cryptographically signed messages. The general assumption is that nodes are in possession of a valid secret key can be trusted. Consequently, a secure and efficient key management scheme is crucial.Keys are also required for protection of application data. However, the focus here is on network layer management information. Whereas key management schemes for the upper layers can assume an already running network service, schemes for the protection of the network layer cannot. Keys are a prerequisite to bootstrap a protected network service. This paper surveys the state of the art within key management for ad hoc networks, and analyzes their applicability for network layer security. The analysis puts some emphasis on their applicability in scenarios such as emergency and rescue operations as this work was initiated by a study of security in MANETs for emergency and rescue operations. IndexTerms-Ad hoc networks, key management, security, network layer, emergency and rescue operations.
Automatic security protocol analysis is currently feasible only for small protocols. Since larger protocols quite often are composed of many small protocols, compositional analysis is an attractive, but non-trivial approach.We have developed a framework for compositional analysis of a large class of security protocols. The framework is intended to facilitate automatic as well as manual verification of large structured security protocols. Our approach is to verify properties of component protocols in a multi-protocol environment, then deduce properties about the composed protocol. To reduce the complexity of multi-protocol verification, we introduce a notion of protocol independence and prove a number of theorems that enable analysis of independent component protocols in isolation.To illustrate the applicability of our framework to real-world protocols, we study a key establishment sequence in WiMAX consisting of three subprotocols. Except for a small amount of trivial reasoning, the analysis is done using automatic tools.
Chaum, Fiat. and Naor proposed an offline check system [l], which has the advantage that the wirhdrawai and (anonymous) payment of a check are unlinkable. Here we present an improved protocol that saves 91% of the signatures, 41% of the other multiplications, 73% of the divisions, and 33% of the bit transmissions.
Abstract. CAFE ("Conditional Access for Europe") is an ongoing project in the European Community's ESPRIT program. The goal of GAFFE is to develop innovative systems for conditional access, and in particular, digital payment systems. An important aspect of CAFE is high security of all parties concerned, with the least possible requirements that they are forced to trust other parties (so-called multi-party security). This should give legal certainty to everybody at all times. Moreover, both the electronic money issuer and the individual users are less dependent on the tamper-resistance of devices than in usual digital payment systems. Since GAFFE aims at the market of small everyday payments that is currently dominated by cash, payments are offline, and privacy is an important issue.The basic devices used in GAFFE are so-called electronic wallets, whose outlook is quite similar to pocket calculators or PDAs (Personal Digital Assistant). Particular advantages of the electronic wallets are that PINs can be entered directly, so that fake-terminal attacks are prevented. Other features are: 9 Loss tolerance: If a user loses an electronic wallet, or the wallet breaks or is stolen, the user can be given the money back, although it is a prepaid payment system. 9 Different currencies. 9 Open architecture and system. The aim is to demonstrate a set of the systems developed in one or more field trials at the end of the project. Note that these will be real hardware systems, suitable for mass production. This paper concentrates on the basic techniques used in the CAFE protocols.
IMSI Catchers are tracking devices that break the privacy of the subscribers of mobile access networks, with disruptive effects to both the communication services and the trust and credibility of mobile network operators. Recently, we verified that IMSI Catcher attacks are really practical for the state-of-the-art 4G/LTE mobile systems too. Our IMSI Catcher device acquires subscription identities (IMSIs) within an area or location within a few seconds of operation and then denies access of subscribers to the commercial network. Moreover, we demonstrate that these attack devices can be easily built and operated using readily available tools and equipment, and without any programming. We describe our experiments and procedures that are based on commercially available hardware and unmodified open source software.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.