Fichiers

Résumé

We present a set of simple techniques for key establishment over a radio link in peer-to-peer networks. Our approach is based on the Diffie-Hellman key agreement protocol, which is known to be vulnerable to the ``man-in-the-middle" attack if the two users involved in the protocol share no authenticated information about each other (e.g., public keys, certificates, passwords, shared keys, etc.) prior to the protocol execution. In this paper, we show how the users can establish a shared key even if they share no authenticated information in advance; for this purpose, we leverage on the natural ability of users to authenticate each other by visual and verbal contact. Each of our techniques is based on a specific mechanism: (i) visual comparison of short strings, (ii) distance bounding, and (iii) integrity codes; in each case, the users do not need to enter any password or other data, nor do they need physical or infra-red connectivity between their devices. We base our analysis on a well-established methodology, leading us to a rigorous modularization and robustness proof of our proposal.

Détails

Actions

Aperçu