Efficient key distribution for slow computing devices: achieving fast over the air activation for wireless systems

Any system which contains some form of cryptographic authentication, confidentiality and/or identification requires the provisioning of a secure key generation and distribution capability. The key distribution mechanism for wireless cellular systems, such as IS-95 CDMA, IS-136 TDMA and IS-91 Analog, has recently been investigated by the Telephone Industry Association´s standards working groups. There are several requirements that a cellular key provisioning system must satisfy; however, the current approaches for such generation and distribution are in general inadequate. As with any commercial application, the system must satisfy cost (e.g., efficiency by all parties, minimal specialized equipment, etc.), convenience and most of all security requirements. The cellular system requirements, however, are much more constraining than most environments since the customers´ cellular phones have minimal computational capabilities and the authenticated setup protocol is generally performed with the user and carrier never meeting face to face. Moreover, the cellular phone companies are also insisting, for business competition needs, that the key distribution and generation mechanism is as convenient and transparent to the user (customer) as possible. We propose a cryptographically secure approach for such generation and distribution which will satisfy the phone industries´ needs as well as the needs of other applications using slow devices