Entity Authentication And Key Establishment Protocols In Pervasive Computing

Pervasive computing integrates the cyberspace and physical space. In this integration environment, users can obtain intelligent services pellucidly any time and anywhere. However the ubiquitous and mobility make the interactive principals stranger to each other, so the traditional security mechanisms designed for static network or closed systems are not suitable for the pervasive computing. In addition, the huge amount of sensors embedded in the environment help a lot to make the services pellucid, but at the same time cause great threat to the privacy of the users. Thus, authentication, access control and privacy become the important barriers to the pervasive computing.We propose three new entity authentication and key establishment protocols in this paper, these protocols are used to guarantee the security of intra-domain service, inter-domain service and multicast service respectively. The inter-domain authentication is based on the intra-domain authentication, while the multicast authentication is based on the other two. All the three protocols make up the complete system of authentication in pervasive computing. For the intra-domain protocol, using the biometric encryption not only authenticates the users mutually but also allows the user to interact staying anonymous. The improved Diffie-Hellman key exchange method makes the key establishment easier and more efficient. The inter-domain protocol is an extension of the intra-domain protocol for completing the authentication. As the servers take most of the authentication work, only a few resources are required from the users. The signcryption technique helps establish the authenticated and security session key efficiently. The multicast situation is the most complicated one. According to the real topology of the pervasive computing, we use the hierarchy architecture, which divides the system into two layers and the users into small subgroups. Group unique management cooperates with subgroup management makes the key update more light-weighted.The devices in the pervasive computing environment have limited computation ability, storage and communication ability. These bounds require a light-weighted and scalable protocol in pervasive computing. We analyze the security of these protocols and the results show that all the three protocols can defend some given kinds of attacks. And the results of SVO formal verification show that both the intra-domain and inter-domain protocols achieve the goal of mutual authentication. Compared with some other inter-domain protocols, the protocol proposed in this paper shows better performance in computation amount, storage amount and time delay. And so does the multicast key management protocol, it maintains the group using less computation, less storage and less communication.