This preview shows page 1. Sign up to view the full content.
Unformatted text preview: tion (name, company, job title, security clearance, favorite pizza toppings, sexual preference, or whatever). This is also encrypted. To decrypt this information and enter it into the phone, the owner types his secret password on the phone’s keypad. After the phone uses this information to set up calls, it is erased after the owner removes his ignition key. The phone also stores a set of certificates from the network’s key management facility. These certificates authorize particular users to use particular phones. Calling
A call from Alice to Bob works as follows. (1) Alice inserts her ignition key into the phone and enters her password. (2) The phone interrogates the ignition key to determine Alice’s identity and gives Alice a dial tone. (3) The phone checks its set of certificates to ensure that Alice is authorized to use the particular phone. (4) Alice dials the number; the phone places the call. (5) The two telephones use a public-key cryptography key-exchange protocol to generate a unique and random session key. All subsequent protocol steps are encrypted using this key. (6) Alice’s phone transmits its certificate and user authentication. (7) Bob’s phone authenticates the signatures on both the certificate and the user authentication using the network’s public key. (8) Bob’s phone initiates a challenge-and-reply sequence. It demands real-time signed responses to time-dependent challenges. (This prevents an adversary from using certificates copied from a previous exchange.) One response must be signed by Alice’s phone’s private key; another must be signed by Alice’s private key. (9) Bob’s phone rings, unless he is already on the phone. (10) If Bob is home, he inserts his ignition key into the phone. His phone interrogates the ignition key and checks Bob’s certificate as in steps (2) and (3). (11) Bob transmits his certificate and user authentication. (12) Alice’s phone authenticates Bob’s signatures as in step (7), and initiates a challenge-and-reply sequence as in step (8). (13) Both...
View Full Document
- Fall '10