{"title":"ZeroProKeS:用于大规模低成本应用的安全零配置密钥建立协议","authors":"S. K. Sakib, G. Amariucai, Yong Guan","doi":"10.1109/TDSC.2022.3207927","DOIUrl":null,"url":null,"abstract":"Traditional approaches to authenticated key establishment include the use of PKI or trusted third parties. While certificate deployment is sub-optimal for large-scale, low-cost applications, the use of trusted third parties is subject to human error and leaked credentials. For this context, co-location can be a valuable resource, and it is often exploited through common randomness harvesting techniques, but these, in turn, suffer from low achievable rates and usually from restrictive assumptions about the environment. Recent techniques for exploiting co-location are based on the notion of quality time and rely on sophisticated throttled clue-issuing mechanisms that allow a device with enough time to spend in the vicinity of the transmitter to find a secret key by collecting enough consecutive clues. By contrast, attackers are afforded only limited time to listen to, or interact with, the clue transmitter. Previous work in this direction deals solely with passive attackers and uses high-overhead information throttling mechanisms. This paper introduces the active attacker model for the quality-time paradigm and proposes a simple solution, a Zeroconf Key Establishment Protocol (ZeroProKeS). Additionally, the paper shows how to efficiently expand the proposed protocol to adhere to any customized information transfer function between legitimate users.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"20 1","pages":"3636-3652"},"PeriodicalIF":7.0000,"publicationDate":"2023-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"ZeroProKeS: A Secure Zeroconf Key Establishment Protocol for Large-Scale Low-Cost Applications\",\"authors\":\"S. K. Sakib, G. Amariucai, Yong Guan\",\"doi\":\"10.1109/TDSC.2022.3207927\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Traditional approaches to authenticated key establishment include the use of PKI or trusted third parties. While certificate deployment is sub-optimal for large-scale, low-cost applications, the use of trusted third parties is subject to human error and leaked credentials. For this context, co-location can be a valuable resource, and it is often exploited through common randomness harvesting techniques, but these, in turn, suffer from low achievable rates and usually from restrictive assumptions about the environment. Recent techniques for exploiting co-location are based on the notion of quality time and rely on sophisticated throttled clue-issuing mechanisms that allow a device with enough time to spend in the vicinity of the transmitter to find a secret key by collecting enough consecutive clues. By contrast, attackers are afforded only limited time to listen to, or interact with, the clue transmitter. Previous work in this direction deals solely with passive attackers and uses high-overhead information throttling mechanisms. This paper introduces the active attacker model for the quality-time paradigm and proposes a simple solution, a Zeroconf Key Establishment Protocol (ZeroProKeS). Additionally, the paper shows how to efficiently expand the proposed protocol to adhere to any customized information transfer function between legitimate users.\",\"PeriodicalId\":13047,\"journal\":{\"name\":\"IEEE Transactions on Dependable and Secure Computing\",\"volume\":\"20 1\",\"pages\":\"3636-3652\"},\"PeriodicalIF\":7.0000,\"publicationDate\":\"2023-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Dependable and Secure Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/TDSC.2022.3207927\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Dependable and Secure Computing","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/TDSC.2022.3207927","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
ZeroProKeS: A Secure Zeroconf Key Establishment Protocol for Large-Scale Low-Cost Applications
Traditional approaches to authenticated key establishment include the use of PKI or trusted third parties. While certificate deployment is sub-optimal for large-scale, low-cost applications, the use of trusted third parties is subject to human error and leaked credentials. For this context, co-location can be a valuable resource, and it is often exploited through common randomness harvesting techniques, but these, in turn, suffer from low achievable rates and usually from restrictive assumptions about the environment. Recent techniques for exploiting co-location are based on the notion of quality time and rely on sophisticated throttled clue-issuing mechanisms that allow a device with enough time to spend in the vicinity of the transmitter to find a secret key by collecting enough consecutive clues. By contrast, attackers are afforded only limited time to listen to, or interact with, the clue transmitter. Previous work in this direction deals solely with passive attackers and uses high-overhead information throttling mechanisms. This paper introduces the active attacker model for the quality-time paradigm and proposes a simple solution, a Zeroconf Key Establishment Protocol (ZeroProKeS). Additionally, the paper shows how to efficiently expand the proposed protocol to adhere to any customized information transfer function between legitimate users.
期刊介绍:
The "IEEE Transactions on Dependable and Secure Computing (TDSC)" is a prestigious journal that publishes high-quality, peer-reviewed research in the field of computer science, specifically targeting the development of dependable and secure computing systems and networks. This journal is dedicated to exploring the fundamental principles, methodologies, and mechanisms that enable the design, modeling, and evaluation of systems that meet the required levels of reliability, security, and performance.
The scope of TDSC includes research on measurement, modeling, and simulation techniques that contribute to the understanding and improvement of system performance under various constraints. It also covers the foundations necessary for the joint evaluation, verification, and design of systems that balance performance, security, and dependability.
By publishing archival research results, TDSC aims to provide a valuable resource for researchers, engineers, and practitioners working in the areas of cybersecurity, fault tolerance, and system reliability. The journal's focus on cutting-edge research ensures that it remains at the forefront of advancements in the field, promoting the development of technologies that are critical for the functioning of modern, complex systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
