3.2.3. Key Subset and Symmetric Certificates (KSSC) Scheme

The concept of symmetric key certificates (SC) was first employed by Davis and Swick¹¹ in the context of Kerberos. An SC is derived by binding some arbitrary descriptor $D \in \{0,1\}^*$ (a bit-string of arbitrary length) with a secret key $K$ through a one-way function. For example,

$$K_D = h_t(K, D) \tag{7}$$

is an SC derived from $K$. Note that an SC is derived in the same manner as a hashed message authentication code (HMAC). Furthermore, like HMACs, SCs can be truncated (say, only the 64 LSBs of the 160-bit hash are retained). However, unlike HMACs, SCs are treated as secrets. The SC is known only to the issuer (the entity with secret $K$) and the entity receiving the SC $K_D$.

In the KSSC scheme¹² the KDC chooses (1) $m$ master secrets; (2) a hash function $h()$ (for example, SHA-1); and (3) a pseudo-random function (PRF) $f^M_m()$, which when seeded by a value yields $m$ uniformly distributed integers between $0$ and $M-1$. The KDC generates a set of $k = mM$ secrets

$$S = \{K(i,j)\}, \quad 0 \le i \le m-1, \; 0 \le j \le M-1.$$

For an entity with ID $A$ the KDC computes the PRF $f^M_m(A) = [a_0 \cdots a_{m-1}]$. The node $A$ is then assigned a set of $m$ secrets $S_A$ and a set of $mM$ SCs $C_A$, where

$$S_A = \{K(0,a_0), K(1,a_1), \ldots, K(m-1,a_{m-1})\}$$

$$C_A = \{K_A(i,j) = h_t(K(i,j), A)\}, \quad 0 \le i \le m-1, \; 0 \le j \le M-1.$$

Thus every node receives $m$ secrets and $mM$ SCs. Two nodes $A$ and $B$ can compute $2m$ common secrets

$${}^{i}S^{B}_{A} = K_A(i, b_i), \quad 0 \le i \le m-1 \tag{8}$$

and

$${}^{i}S^{A}_{B} = K_B(i, a_i), \quad 0 \le i \le m-1 \tag{9}$$

More specifically,

(1) $A$ computes $\{b_i\} = f^M_m(B)$ to determine the indices of $m$ of its $mM$ SCs ${}^{i}S^{B}_{A} \in C_A$ (where $0 \le i \le m-1$);
(2) $B$ uses its $m$ secrets $S_B$ to compute $m$ SCs ${}^{i}S^{B}_{A} \in C_A$;
(3) $A$ uses its $m$ secrets $S_A$ to compute $m$ SCs ${}^{i}S^{A}_{B} \in C_B$; and
(4) $B$ computes $\{a_i\} = f^M_m(A)$ to determine the indices of $m$ of its $mM$ SCs ${}^{i}S^{A}_{B} \in C_B$.

All $2m$ values are used to derive the pairwise secret $K_{AB}$, simply by XOR-ing them together:

$$K_{AB} = \{{}^{0}S^{B}_{A} \oplus \cdots \oplus {}^{m-1}S^{B}_{A}\} \oplus \{{}^{0}S^{A}_{B} \oplus \cdots \oplus {}^{m-1}S^{A}_{B}\} \tag{10}$$

Note that the SCs assigned to any node do not reveal any information about secrets or SCs assigned to other nodes. However, if the pool of secrets accumulated by the attacker includes all $m$ secrets assigned to both $A$ and

Copyright © 2010. World Scientific Publishing Company. All rights reserved. May not be reproduced in any form without permission from the publisher, except fair uses permitted under U.S. or applicable copyright law. EBSCO Publishing : eBook Collection (EBSCOhost) - printed on 2/16/2016 3:46 AM via CGC-GROUP OF COLLEGES (GHARUAN) AN: 340572 ; Beyah, Raheem, Corbett, Cherita, McNair, Janise.; Security in Ad Hoc and Sensor Networks Account: ns224671
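The KDC provisioning and the pairwise key derivation of equations (8) to (10), as an added example that is not code from the book. It assumes h_t is HMAC-SHA1 truncated to its 64 least significant bits and builds the public PRF from SHA-256; the parameters m = 8, M = 16 and the node IDs are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from functools import reduce

m, M = 8, 16   # constructed parameters: the KDC holds k = m*M secrets
T = 8          # bytes kept by h_t (64 LSBs of the 160-bit SHA-1 output)

def h_t(key, descriptor):
    """Assumed h_t: HMAC-SHA1(key, descriptor), last 64 bits retained."""
    return hmac.new(key, descriptor, hashlib.sha1).digest()[-T:]

def prf(node_id):
    """Assumed public PRF: node ID -> m indices in [0, M-1].
    M = 16 divides 256, so reducing one hash byte mod M stays uniform."""
    return [hashlib.sha256(node_id + bytes([i])).digest()[0] % M
            for i in range(m)]

def kdc_setup():
    """KDC secret pool K[i][j], 0 <= i <= m-1, 0 <= j <= M-1."""
    return [[secrets.token_bytes(16) for _ in range(M)] for _ in range(m)]

def provision(K, node_id):
    """Return (S_X, C_X): m secrets chosen by the PRF, and m*M SCs."""
    idx = prf(node_id)
    S = [K[i][idx[i]] for i in range(m)]
    C = [[h_t(K[i][j], node_id) for j in range(M)] for i in range(m)]
    return S, C

def xor_all(values):
    return reduce(lambda x, y: bytes(a ^ b for a, b in zip(x, y)), values)

def pairwise(S, C, peer_id):
    """Derive the pairwise key from a node's own (S, C) and the peer's ID."""
    peer_idx = prf(peer_id)
    # SCs this node already stores, selected by the peer's indices (eq. 8)
    stored = [C[i][peer_idx[i]] for i in range(m)]
    # SCs of the peer that this node can compute from its own secrets (eq. 9)
    derived = [h_t(S[i], peer_id) for i in range(m)]
    return xor_all(stored + derived)   # eq. 10

if __name__ == "__main__":
    K = kdc_setup()
    S_A, C_A = provision(K, b"A")
    S_B, C_B = provision(K, b"B")
    k_ab, k_ba = pairwise(S_A, C_A, b"B"), pairwise(S_B, C_B, b"A")
    print(k_ab.hex(), k_ab == k_ba)
```

Neither node ever sees the KDC pool: each side combines the m SCs it stores with the m SCs it derives from its own secrets, and the two sets are the same 2m values.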