Authors: Radim Ostadal, Petr Svenda, Vaclav Matyas
Abstract: We review the most important secrecy amplification protocols, which are especially suitable for ad-hoc networks of devices with limited resources, providing additional resistance against various attacks on used cryptographic keys without necessity for asymmetric cryptography. We discuss and evaluate different designs as well as approaches to create new protocols. A special focus is given to suitability of these protocols with respect to different underlying key distribution schemes and also to open research questions.
Bibtex:
@inproceedings{secrecyamplif_wistp2015, author = {Radim O\v{s}\v{t}\'{a}dal \Petr \v{S}venda \and V{\'a}clav Maty{\'a}\v{s}}, title = {On Secrecy Amplification Protocols}, booktitle = {The 9th WISTP International Conference on Information Security Theory and Practice (WISTP’2015), LNCS 9311}, year = {2015}, pages = {3--19}, doi = {10.1007/978-3-319-24018-3 1}, publisher = {Springer} }
The secrecy amplification protocol provides description how messages with a fresh key material should be propagated inside a target network to provide secure link key to nodes with key currently compromised by an attacker. As wireless networks running on batteries are targeted, not only protocol's success rate (number of newly secured links), but also message overhead (significantly impacting energy consumption) must be considered.
A secrecy amplification protocol can be pretty effective: a network with 50-70 % of compromised links can be turned into network with 95+ % secure links for the price of small hundreds of messages (per node) in only tens of seconds.
In this we paper, we:
Figure showing increase in the number of secured links after secrecy amplification protocols in the random compromise pattern on network with 20.3 legal neighbours on average. With in- creasing number of neighbouring nodes the general effectiveness of protocol grows. As can be seen, a strong majority of secure links (> 90%) can be obtained even when the initial network had 70% of compromised links.
Figure showing increase in the number of secured links per message used during the protocol execution (random compromise pattern, 20.3 legal neighbours on average). The higher value is better - more links are secured per single message. Node-oriented protocols send significantly more messages with rising network density making them less effective per single message. This stands especially for 4-party node-oriented protocols, which are the least effective. The best tradeoff shows group-oriented and hybrid protocols.