Bootstrapping multi-party ad-hoc security

  • Authors:

  • Sadie Creese;Michael Goldsmith;Bill Roscoe;Ming Xiao

  • Affiliations:

  • QinetiQ, Malvern, UK;Formal Systems (Europe) Ltd, Oxford, UK and Worcester College, Oxford, UK;Oxford University Computing Laboratory, Oxford, UK;Oxford University

  • Venue:
  • Proceedings of the 2006 ACM symposium on Applied computing
  • Year:
  • 2006

Quantified Score

Hi-index 0.00

Visualization

Abstract

In pervasive-computing scenarios users may wish to achieve some degree of security in their interaction with other people or equipment, in contexts where they cannot be confident of the others' long-term identities and where there may be no reliable PKI. We examine the problem of bootstrapping security in an ad-hoc network formed by a group of users.In [4] a number of protocols using low-bandwidth channels involving the human agent(s) "in the loop" to bootstrap secure communication over an untrusted infrastructure were presented, the point being that the attacker's powers are more limited with regard to these empirical channels in one or more respects than in the standard Dolev-Yao view. The two-party protocols proved easy to verify [3] (relative to those weakened powers) by adapting the CSP/FDR-based approach of Casper[9], but the multi-party network-formation protocol (based on a combination of low bandwidth non-forgeable channels and an ordinary Dolev-Yao communication medium) proved more problematic.Addressing the verification of this protocol [11] led to consideration of a number of simplified variants, which appear interesting in their own right.