SafeSlinger: Easy-to-use and secure public-key exchange

Proceedings of the Annual International Conference on Mobile Computing and Networking, MOBICOM

Volumn , Issue , 2013, Pages 417-428

  Farb, Michael ^a   Lin, Yue Hsun ^a   Kim, Tiffany Hyun Jin ^a   Mccune, Jonathan ^b   Perrig, Adrian ^c  

^a Carnegie Mellon CyLab Japan   (Japan)

^b GOOGLE INC   (United States)

^c ETH ZURICH   (Switzerland)

Author keywords

Secure communication; Security privacy; Trust establishment

Indexed keywords

DESIGN AND IMPLEMENTATIONS; FILE EXCHANGE; INSTANT MESSAGES; LEAP OF FAITHS; ON-LINE COMMUNICATION; SECURE CHANNELS; SECURE COMMUNICATIONS; TRUST ESTABLISHMENT;

COMMUNICATION;

MOBILE COMPUTING;

EID: 84887099940     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2500423.2500428     Document Type: Conference Paper

References (37)

1. M. Abdalla, E. Bresson, O. Chevassut, and D. Pointcheval. Password-based group key exchange in a constant number of rounds. In Public Key Cryptography, pages 427-442, 2006.
2. N. Asokan and P. Ginzboorg. Key-agreement in ad-hoc networks. Computer Communications, 23(17):1627-1637, Nov. 2000.
3. D. Balfanz, D. K. Smetters, P. Stewart, and H. C. Wong. Talking to strangers: Authentication in ad-hoc wireless networks. In Proceedings of the 9th Annual Network and Distributed System Security Symposium (NDSS), 2002.
4. G. Bertoni, J. Daemen, M. Peeters, and G. V. Assche. The keccak sponge function family. http://keccak.noekeon.org.
5. N. Borisov, I. Goldberg, and E. Brewer. Off-the-record communication, or, why not to use PGP. In Proceedings of ACM Workshop on Privacy in the Electronic Society, pages 77-84. ACM, 2004.
6. V. A. Brennen. The Keysigning Party HOWTO. http://rhonda.deb.at/projects/ gpg-party/gpg-party.en.htmll Jan. 2008.
7. Bump technologies. http://bu.mp/.
8. M. Cagalj, S. Capkun, and J.-P. Hubaux. Key agreement in peer-to-peer wireless networks. IEEE (Special Issue on Cryptography), 94:467-478, 2006.
9. C. Castelluccia and P. Mutaf. Shake Them Up! A movement-based pairing protocol for CPU-constrained devices. In Proceedings of ACM/Usenix MobiSys, 2005.
10. C.-H. O. Chen, C.-W. Chen, C. Kuo, Y.-H. Lai, J. M. McCune, A. Studer, A. Perrig, B.-Y. Yang, and T.-C. Wu. GAnGS: Gather authenticate 'n group securely. In Proceedings of ACM MobiCom, Sept. 2008.
11. W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22(6):644-654, Nov. 1976.
12. J. R. Douceur. The Sybil attack. In First International Workshop on Peer-to-Peer Systems (IPTPS), Mar. 2002.
13. L. E. Holmquist, F. Mattern, B. Schiele, P. Alahuhta, M. Beigl, and H.-W. Gellersen. Smart-its friends: A technique for users to easily establish connections between smart artefacts. In Proceedings of Ubicomp, 2001.
14. Y. Kim, A. Perrig, and G. Tsudik. Group key agreement efficient in communication. IEEE Transactions on Computers, 53(7):905-921, July 2004.
15. Y. Kim, A. Perrig, and G. Tsudik. Tree-based group key agreement. ACM Transactions on Information Systems Security, 7(1):60-96, May 2004.
16. C. Kuo, A. Studer, and A. Perrig. Mind your manners: Socially appropriate wireless key establishment for groups. Proceedings of First ACM WiSec, Mar. 2008.
17. S. Laur, N. Asokan, and K. Nyberg. Efficient mutual data authentication using manually authenticated strings. Cryptology ePrint Archive, Nov. 2005.
18. S. Laur and K. Nyberg. Efficient mutual data authentication using manually authenticated strings. In Cryptology and Network Security (CANS), pages 90-107, 2006.
19. S. Laur and S. Pasini. Sas-based group authentication and key agreement protocols. In Proceedings of Public Key Cryptography, 2008.
20. J. Lester, B. Hannaford, and B. Gaetano. Are you with me? - Using accelerometers to determine if two devices are carried by the same person. In Proceedings of Pervasive, 2004.
21. Y.-H. Lin, A. Studer, H.-C. Hsiao, J. M. McCune, K.-H. Wang, M. Krohn, P.-L. Lin, A. Perrig, H.-M. Sun, and B.-Y. Yang. SPATE: Small-group PKI-less authenticated trust establishment. In Proceedings of ACM/Usenix MobiSys, June 2009.
22. Linksky, J. et al. Simple Pairing Whitepaper, revision v10r00. http://www.bluetooth.com/NR/rdonlyres/0A0B3F36-D15F-4470-85A6-F2CCFA26F70F/0/ SimplePairing-WP-V10r00.pdf, Aug. 2006.
23. M. Marlinspike. Breaking SSL with null characters. In Presented at Black Hat, 2009.
24. R. C. Merkle. A digital signature based on a conventional encryption function. In Advances in Cryptology (Crypto), pages 369-378, 1987.
25. G. Mezzour, A. Studer, M. Farb, J. Lee, J. McCune, H.-C. Hsiao, and A. Perrig. Ho-Po Key: Leveraging physical constraints on human motion to authentically exchange information in a group. Technical Report CMU-CyLab-11-004, CyLab, Carnegie Mellon University, Dec. 2010.
26. R. Nithyanand, N. Saxena, G. Tsudik, and E. Uzun. Groupthink: Usability of secure group association for wireless devices. In Proceedings of Ubicomp, Sept. 2010.
27. Silent Circle Co. Silent circle - global encrypted communications service. https://silentcircle.com, Sep. 2008.
28. C. Soghoian and S. Stamm. Certified lies: Detecting and defeating government interception attacks against SSL. In Proceedings of the Privacy Enhancing Technologies Symposium (PETS), July 2010.
29. F. Stajano and R. J. Anderson. The resurrecting duckling: Security issues for ad-hoc wireless networks. In Security Protocols Workshop, pages 172-194, 1999.
30. D. Steer, L. Strawczynski, W. Diffie, and M. Wiener. A Secure Audio Teleconference System. In Advances in Cryptology (Crypto), 1988.
31. M. Steiner, G. Tsudik, and M. Waidner. Key Agreement in Dynamic Peer Groups. IEEE Transactions on Parallel and Distributed Systems, 11(8):769-780, Aug. 2000.
32. A. Studer, T. Passaro, and L. Bauer. Don't bump, shake on it: The exploitation of a popular accelerometer-based smart phone exchange and its secure replacement. In Proceedings of ACSAC, 2011.
33. Tor Project Team. https://www.torproject.org, Dec. 2007.
34. J. Valkonen, N. Asokan, and K. Nyberg. Ad hoc security associations for groups. In Security and Privacy in Ad-Hoc and Sensor Networks (ESAS), pages 150-164, 2006.
35. S. Vaudenay. Secure communications over insecure channels based on short authenticated strings. In Advances in Cryptology (Crypto), pages 309-326, 2005.
36. A. Whitten and J. Tygar. Why Johnny can't encrypt. In USENIX Security, Aug. 1999.
37. P. R. Zimmermann. Pgpfone, pretty good privacy phone, owner's manual, version 1.0 beta 7. ftp://ftp.pgpi.org/pub/pgp/pgpfone/manual/pgpfone10b7.pdf, July 1996.