Simultaneous Authentication of Equals: A Secure, Password-Based Key Exchange for Mesh Networks

Author

Harkins, Dan

Author_Institution

Aruba Networks, Sunnyvale, CA

fYear

2008

fDate

25-31 Aug. 2008

Firstpage

839

Lastpage

844

Abstract

We propose a simple protocol for authentication using only a password. The result of the protocol is a cryptographically strong shared secret for securing other data - e.g. network communication. SAE is resistant to passive attack, active attack, and dictionary attack. It provides a secure alternative to using certificates or when a centralized authority is not available. It is a peer-to-peer protocol, has no asymmetry, and supports simultaneous initiation. It is therefore well-suited for use in mesh networks. It supports the ability to tradeoff speed for strength of the resulting shared key. SAE has been implemented for 802.11-based mesh networks and can easily be adapted to other wireless mesh technology.

Keywords

cryptographic protocols; peer-to-peer computing; wireless LAN; 802.11-based mesh networks; active attack; cryptographically strong shared secret; dictionary attack; mesh networks; passive attack; password-based key exchange; peer-to-peer protocol; Authentication; Communication system security; Cryptographic protocols; Cryptography; Dictionaries; Information security; Intelligent networks; Mesh networks; Network servers; Peer to peer computing; cryptography; password authentication; peer-to-peer;

fLanguage

English

Publisher

ieee

Conference_Titel

Sensor Technologies and Applications, 2008. SENSORCOMM '08. Second International Conference on

Conference_Location

Cap Esterel

Print_ISBN

978-0-7695-3330-8

Electronic_ISBN

978-0-7695-3330-8

Type

conf

DOI

10.1109/SENSORCOMM.2008.131

Filename

4622764