Browse > Article
http://dx.doi.org/10.13089/JKIISC.2007.17.4.131

Fixing Security Flaws of URSA Ad hoc Signature Scheme  

Yi, Jeong-Hyun (Samsung Advanced Institute of Technology)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.17, no.4, 2007 , pp. 131-136 More about this Journal
Abstract
Ad hoc networks enable efficient resource aggregation in decentralized manner, and are inherently scalable and fault-tolerant since they do not depend on any centralized authority. However, lack of a centralized authority prompts many security-related challenges. Moreover, the dynamic topology change in which network nodes frequently join and leave adds a further complication in designing effective and efficient security mechanism. Security services for ad hoc networks need to be provided in a scalable and fault-tolerant manner while allowing for membership change of network nodes. In this paper, we investigate distributed certification mechanisms using a threshold cryptography in a way that the functions of a CA(Certification Authority) are distributed into the network nodes themselves and certain number of nodes jointly issue public key certificates to future joining nodes. In the process, we summarize one interesting report [5] in which the recently proposed RSA-based ad hoc signature scheme, called URSA, contains unfortunate yet serious security flaws. We then propose new scheme by fixing their security flaws.
Keywords
Ad hoc network; threshold cryptography; distributed PKI; verifiable secret sharing;
Citations & Related Records
연도 인용수 순위
  • Reference
1 C. P. Schnorr. 'Efficient Signature Generation by Smart Cards', Journal of Cryptology, Vol. 4, No. 3, pp.161-174, 1991
2 A. Shamir, 'How to Share a Secret', Communications of the ACM, 22(11), 1979
3 M. Narasimha, G. Tsudik, and J. H. Yi, 'On the Utility of Distributed Cryptography in P2P and MANETs: the Case of Membership Control', IEEE International Conference on Network Protocols (ICNP'03), pp.336-345, 2003
4 K. Barr and K. Asanovic, 'Energy Aware Lossless Data Compression', International Conference on Mobile Systems, Applications, and Services (MobiSys'03), May 2003
5 T. P. Pedersen, 'A Threshold Cryptosystem without a Trusted Party', Eurocrypt'91, LNCS No. 547, pp.522-526, 1991
6 J. Kong, H. Luo, K. Xu, D. L. Gu, M. Gerla, and S. Lu, 'Adaptive Security for Multi-level Ad-hoc Networks', Journal of Wireless Communications and Mobile Computing, volume 2, pp.533-547, 2002   DOI   ScienceOn
7 J. Kong, P. Zerfos, H. Luo, S. Lu, and L. Zhang, 'Providing Robust and Ubiquitous Security Support for MANET', IEEE International Conference on Network Protocols (ICNP'01), pp.251-260, 2001
8 H. Luo, J. Kong, P. Zerfos, S. Lu, and L. Zhang, 'URSA: Ubiquitous and Robust Access Control for Mobile Ad Hoc Networks', IEEE/ACM Transactions on Networking, 12(6), pp.1049-1063, 2004   DOI   ScienceOn
9 P. Feldman, 'A Practical Scheme for Non-interactive Verifiable Secret Sharing', Symposium on Foundations of Computer Science (FOCS'87), pp.427-437, 1987