1 / 13

Environmental Key Generation towards Clueless Agents

Environmental Key Generation towards Clueless Agents. James Riordan School of Mathematics University of Minnesota. Bruce Schneier Counterpane Systems. Published: Mobile Agents and Security, G. Vigna, ed., Springer-Verlag, 1998, pp. 15-24

Télécharger la présentation

Environmental Key Generation towards Clueless Agents

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Environmental Key Generation towards Clueless Agents James Riordan School of Mathematics University of Minnesota. Bruce Schneier Counterpane Systems. Published: Mobile Agents and Security, G. Vigna, ed., Springer-Verlag, 1998, pp. 15-24 Presented by Chinchi,Lo

  2. Outline • Introduction • Basic constructions • Time constructions • Further constructions • Conclusions

  3. Introduction • Environmental Key Generation: Keying material that is constructed from certain classes of environmental data. • Clueless agent: Without the environmentally supplied input, the agent cannot decrypt its own message. • The difficulty is that attacker has complete control over the environment.

  4. Basic Constructions • Usenet news groups • Web pages • Mail messages • File systems • Local network resources

  5. Time Constructions (1/) • The time-based constructions allow key generation based on the time. • These constructions rely upon the presence of a minimally trusted third party to prevent a date based dictionary attack. • The third party does not need to know either of the two parties nor the nature of the material to generate keys.

  6. Time Constructions (2/) These protocols have three distinct stages: • The programmer-server interaction • The programmer-agent interaction • The agent-server interaction

  7. Notations • N: an integer corresponding to an environmental observation. • H: a one way hash function. • M: the hash H of the observation N needed for activation. It is carried by agent. • R: a nonce. • K: a key. • S: a secret belonging to the server. • T*: the target time. • Ti: the current time.

  8. Time Constructions (3/) • Forward-Time Hash Function • The programmer sends to the server. • The server sets T to the current time and returns to the programmer T and • The programmer set and . The programmer uses K to encrypt the message to the agent, and gives the agent a copy of P. • The agent continuously requests the current time’s secret from the server. • The server returns . • The agent tries to use to decrypt its instructions when where

  9. Time Constructions (4/) • Forward-Time Public Key For each time , the server has a method of generating a public/secret key pair . The server can either store these key pairs, or regenerate them as required. • The programmer sends a to the server. • The server returns the public key, ,for that time. • The programmer uses to encrypt the message to the agent. • The agent continuously requests the current time’s private key from the server. • The server returns . • The agent tries to use to decrypt its instructions, when where

  10. Time Constructions (5/) • Backward-Time Hash Function • The programmer sends the to the server. • The server returns if and only if is in the future. • The programmer sets K to the returned value and gives the agent a copy of and . • At time T, the agent sends the to the server. It will receive the valid key K in return if and only if is later than T.

  11. The programmer sends the server a program P and the hash of a particular possible output of the program P. The server returns and . The programmer sets and uses it to encrypt the message to the agent. The programmer then gives to the agent. The agent gives to the server. The server decrypts the program , executes it, and setsM = H(P’s output). It then return H(S,P,M) to the agent. The agent tries to use the returned value as it key. It will succeed precisely when the output of the run program matches the programmer’s expectations. General Server Constructions

  12. Further Constructions • Thresholding • Nesting • Forward-time + Backward-time = time interval. • Forward-time + Basic = Forward time, but only if a specific event has occurred.

  13. Conclusions • Cryptographic key constructions built from environmental data that are resistant to adversarial analysis and deceit. • The primary envisioned use of these constructions is in the creation of mobile agents whose analysis does not reveal their exact purpose.

More Related