Key negotiation for BAB

1. Key negotiation for BAB 15th, Nov, 2007 – Lehigh EDIFY Team, Lehigh University • Per hop • HMAC – keyed hash function • Symmetric keys • Keys negotiated via LU protocol at right • PKI used is Identity Based Encryption • Public key is EID • Elliptic curve crypto system • Built on MIRACL cryptography library • Keys and negotiation state stored in LU keystore • Final keys replicated in BBN keystore since Sparta’s BAB code uses it

2. CB/PSB 15th, Nov, 2007 – Lehigh EDIFY Team, Lehigh University • CB provides E2E payload encryption • Uses ephemeral key to encrypt. The ephemeral key is passed to Keysteward class to be encrypted. Encrypted Ephemeral key is sent in CB block for decryption at the receiver • LU Keysteward implementation for CB • Key encrypted/decrypted via AES using symmetric keys. • Use BBN ‘security setkey’ command to manually set CB key for a particular remote EID in BBN keystore • LU keysteward implementation then retrieves key from BBN keystore • Built on MIRACL cryptography library • Sparta’s PSB feature makes a SHA-256 hash of payload, and passes the hash value to key management module to be signed. • LU Keysteward implementation • Uses Hess Identity Based Signature Scheme • Public key is hash of EID • Built on Stanford Pairing Based Cryptography library • Private key is manually copied to node during setup of node • LU ‘security setkeyfile <EID> <filename>’ command • Associates a file containing a private key to a particular local EID • Allows for multiple local EIDs (useful in multicast environment)