TY - JOUR
T1 - Efficient key distribution for slow computing devices
T2 - Proceedings of the 1998 IEEE Symposium on Security and Privacy
AU - Carroll, Chris
AU - Frankel, Yair
AU - Tsiounis, Yiannis
PY - 1998/1/1
Y1 - 1998/1/1
N2 - Any system which contains some form of cryptographic authentication, confidentiality and/or identification requires the provisioning of a secure keg generation and distribution capability. The key distribution mechanism for wireless cellular systems, such as IS-95 CDMA, IS-136 TDMA and IS-91 Analog, has recently been investigated by the Telephone Industry Association's standards working groups. There are several requirements that a cellular key provisioning system must satisfy; however, the current approaches for such generation and distribution are in general inadequate. As with any commercial application the system must satisfy cost (e.g., efficiency by all parties, minimal specialized equipment, etc.), convenience and most of all security requirements. The cellular system requirements, however, are much more constraining than most environments since the customers' cellular phones have minimal computational capabilities and the authenticated setup protocol is generally performed with the user and carrier never meeting face to face. Moreover, the cellular phone companies are also insisting, for business competition needs, that the key distribution and generation mechanism is as convenient and transparent to the user (customer) as possible. Here we propose a cryptographically secure approach for such generation and distribution which will satisfy the phone industries' needs as well as the needs of other applications using slow devices.
AB - Any system which contains some form of cryptographic authentication, confidentiality and/or identification requires the provisioning of a secure keg generation and distribution capability. The key distribution mechanism for wireless cellular systems, such as IS-95 CDMA, IS-136 TDMA and IS-91 Analog, has recently been investigated by the Telephone Industry Association's standards working groups. There are several requirements that a cellular key provisioning system must satisfy; however, the current approaches for such generation and distribution are in general inadequate. As with any commercial application the system must satisfy cost (e.g., efficiency by all parties, minimal specialized equipment, etc.), convenience and most of all security requirements. The cellular system requirements, however, are much more constraining than most environments since the customers' cellular phones have minimal computational capabilities and the authenticated setup protocol is generally performed with the user and carrier never meeting face to face. Moreover, the cellular phone companies are also insisting, for business competition needs, that the key distribution and generation mechanism is as convenient and transparent to the user (customer) as possible. Here we propose a cryptographically secure approach for such generation and distribution which will satisfy the phone industries' needs as well as the needs of other applications using slow devices.
UR - http://www.scopus.com/inward/record.url?scp=0031682831&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=0031682831&partnerID=8YFLogxK
M3 - Conference article
AN - SCOPUS:0031682831
SN - 1063-7109
SP - 66
EP - 76
JO - Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy
JF - Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy
Y2 - 3 May 1998 through 6 May 1998
ER -