This paper was presented at the Sixth Conference on Security and Cryptography for Networks (SCN 2008), Amalfi, Italy. A new identity-based key agreement protocol designed to operate on the network layer is presented. Endpoint addresses, namely IP and MACaddresses, are used as public keys to authenticate the communication devices involved in a key agreement, which allows us to piggyback much of the security overhead for key management to the existing network infrastructure. The proposed approach offers solutions to some of the open problems of identity-based key agreement schemes when applied to the network layer, namely multi-domain key generation, key distribution, multi-domain public parameter distribution, inter-domain key agreement and network address translation traversal. Several issues for deploying the proposed system in practice are discussed. The authors show how the public parameters and the identity keys are distributed in multi-provider scenarios and how dynamic IP addresses are handled. Furthermore, a detailed description of how our system deals with the NAT problem is given. One of the important issues of any multi-organizational cryptographic system is the distribution of the public parameters and keys. It should be noted that a main requirement is to try to minimize the number of global distribution steps in favor of local distribution steps, since this distributes the workload and reduces the risk of a global compromise....
The most critical element in all IBEs or PKIs in key escrow mode is the distribution of identity keys (private keys) and the prevention of identity misbinding. In traditional PKI and IBE systems, this is usually done manually and out-of-band and thus creates a lot of work. While it can be argued that due to the fact that on the AS level most customers receive an out-of-band message when they receive their endpoint address, adding a fingerprint to the identity key would not put much extra burden on the system. However, a more elegant solution for the long term is to integrate the key distribution into the IP distribution system... Unlike other identity-based encryption solutions, the presented approach is based on the well tested mathematics also used in the traditional Diffie-Hellman key agreement and Rivest-Shamir-Adleman public key cryptography approaches instead of elliptic curves or quadratic residues. It has been shown how our identity-based key agreement protocol can be used as a generic low level security mechanism and how it can deal with the implementation issues of multidomain key generation, key distribution, multi-domain public parameter distribution, key expiration, inter-domain key agreement and network address translation traversal.
There are several areas of future work. For example, a more detailed description of the integration of the proposed identity-based approach into existing network management protocols and tools, in particular the integration into the DHCP protocol, should be provided. Furthermore, the large-scale practical deployment of the proposed approach in IP, Voice-over-IP, or mobile telephone communication scenarios is an interesting area for future work.
Read the complete paper by Christian Schridde, Matthew Smith, and Bernd Freisleben; cited by Robin Cover in XML Daily Newslink.
