Analysis of a secure conference scheme for mobile communication

Dynamic participation is a feature of the secure conference schemes that allows new conferees to join and the old conferees to leave. The conferees who have left should not be able to decrypt the secure conference communication anymore. A secure conference scheme with dynamic participation was proposed in M.S. Hwang and W.P. Yang (1995) and later it was modified with the self-encryption mechanism in K.F. Hwang and C.C. Chang (2003) for a better performance. In this paper we analyze both the original scheme and the modified version. We show that both of them are subject to the active and passive attacks presented in this paper. Our active attack works in the way that a colluding group of attackers can still obtain the conference key even after they all leave the conference. The passive attack does not need any attacker to ever participate the conference. The conference key can be compromised with a large probability as long as the number of conferees is large.     

A secure conference scheme for mobile communications

A growing application area in mobile communications is mobile teleconference in which a group of mobile users collaborate in an interactive procedure, such as a board meeting, a task force, a scientific discussion, or even a virtual classroom. Wireless communications transmit conversations via radio, making them more susceptible to eavesdropping and unauthorized access than are conversations carried via wires. Therefore, it is crucial to ensure confidentiality and authenticity in a mobile teleconference. The authors design a new secure conference scheme for mobile communications. Based on a modular square root technique, this scheme is secure against eavesdropping, impersonating, and tracking attacks and allows a participant to join or quit a mobile teleconference dynamically.     

A secure and efficient conference scheme for mobile communications

A growing application area in mobile communications is mobile teleconferencing, in which a group of mobile users collaborate in an interactive procedure, such as a board meeting, a task force, a scientific discussion, or even a virtual classroom. Wireless communications transmit conversations via radio, making them more susceptible to eavesdropping and unauthorized access than are conversations carried via wires. Therefore, it is crucial to ensure confidentiality and authenticity in mobile teleconferencing. When deploying secure services in mobile teleconferences, it has to be taken into account that the mobility of users is usually built on portable devices with limited computing capability. A secure conference scheme for mobile communications needs to be executed efficiently on portable devices. We propose a new secure and efficient conference scheme for mobile communications. Based on a modular square root technique, this scheme is secure against eavesdropping, impersonating, and tracking attacks and allows a participant to join or quit a mobile teleconference dynamically. In addition, the scheme is particularly efficient on the mobile user's portable device because the mobile user needs to perform only single modular multiplication plus encryptions and decryptions of a secret key cryptosystem.     

移动网络环境下实现电力移动终端的安全通信

为了防范移动网络环境中所客观存在的恶意攻击、软件漏洞等安全风险,文中提出一种基于端到端信息交换的加密和认证的电力移动终端安全解决方案。在所设计的方案中,与当前地理位置相关联的对话伙伴经过处理的指纹用于生成寿命较短的对称密钥,同时还结合了加密算法、指纹特征和用户虹膜特征,确保在整个认证通信过程中的数据安全。测试结果表明,该方案能够在移动网络环境中高效实现对电力移动终端的身份验证和信息加密。     

A model for mobile code using interacting automata

The Internet supports migration of code from node to node. A number of paradigms exist for distributed computing and mobile code, including client/server, remote evaluation, code-on-demand, and mobile agents. We find them overly-restrictive views of reality. We propose a model that can express previous paradigms as special cases. We derive a model using cellular automata (CA) abstractions to study relations between local node behavior and global system behavior. Example mobile code systems are provided and existing paradigms are expressed in terms of the model. These examples include network attacks such as viruses, worms, and distributed denial of service (DDoS). A distributed system simulation tool based on the model is described. Simulation results provide insights gained from this work.     

Security issues for downloaded code in mobile phones

'Software defined radio' (SDR) is a technology that will appear in future generations of mobile phones, i.e. following the third-generation mobile phone technology that is currently being defined and developed. Early versions of 'pragmatic' SDR will allow the terminal to be reconfigured at any level of its protocol stack. Ultimately, the 'pure' SDR technology will allow a mobile phone or terminal to have its air interface software configured or reconfigured by other software (or software parameters) that have been downloaded to the terminal, e.g. over the air, or from a remote server via the Internet and one's personal computer (PC). A number of security issues arise with downloaded code that implements the air interface functions, and these may not be obvious simply from looking at the way PC software is updated on-line today. This paper starts with an outline of the code that allows a mobile phone to operate over a particular air interface. This sets the baseline for a discussion of the security issues surrounding the change of this code from one that is fixed and downloaded once only, to code that is reconfigurable during the life of a product.     

SEAD: secure efficient distance vector routing for mobile wireless ad hoc networks

An ad hoc network is a collection of wireless computers (nodes), communicating among themselves over possibly multihop paths, without the help of any infrastructure such as base stations or access points. Although many previous ad hoc network routing protocols have been based in part on distance vector approaches, they have generally assumed a trusted environment. In this paper, we design and evaluate the Secure Efficient Ad hoc Distance vector routing protocol (SEAD), a secure ad hoc network routing protocol based on the design of the Destination-Sequenced Distance-Vector routing protocol. In order to support use with nodes of limited CPU processing capability, and to guard against Denial-of-Service attacks in which an attacker attempts to cause other nodes to consume excess network bandwidth or processing time, we use efficient one-way hash functions and do not use asymmetric cryptographic operations in the protocol. SEAD performs well over the range of scenarios we tested, and is robust against multiple uncoordinated attackers creating incorrect routing state in any other node, even in spite of any active attackers or compromised nodes in the network.     

Detection technique for a serial DS-SS code synchronisation in afading mobile channel

A performance analysis of the threshold decision technique for direct-sequence spread-spectrum (DS-SS) code synchronisation is presented. The proposed serial acquisition system is compared to the conventional serial acquisition system, and a significant improvement in performance is shown in terms of the mean acquisition time     

PSP: proximity-based secure pairing of mobile devices using WiFi signals

Wireless Networks - Wireless device-to-device (D2D) communication, which enables direct communication between co-located devices without Internet access, is becoming common. Simultaneously,...     

A secure enhanced privacy-preserving key agreement protocol for wireless mobile networks

The rapid proliferation of mobile networks has made security an important issue, particularly for transaction oriented applications. Recently, Jo et al. presented an efficient authentication protocol for wireless mobile networks and asserted that their proposed approach provides all known security functionalities including session key (SK) security under the assumption of the widely-accepted Canetti–Krawczyk (CK) model. We reviewed Jo et al.’s proposed roaming protocol and we demonstrate that it fails to provide the SK-security under the CK-adversary setting. We then propose an enhancement to Jo et al.’s roaming protocol to address the security drawback found in Jo et al.’s protocol. In the enhanced roaming protocol, we achieve the SK-security along with reduced computation, communication and storage costs. We also simulate the enhanced roaming protocol using NS2 for end-to-end delay and network throughput, and the simulation results obtained demonstrate the efficiency of our protocol.     

A secure dynamic IP configuration scheme for mobile ad hoc networks

Secure dynamic IP addressing is a prime requirement for unicast communication between authorized hosts in mobile ad hoc networks (MANETs). Recently, several approaches have been proposed for dynamic addressing scheme. However, most of the approaches rely on broadcasting for address solicitation and/or duplicate address detection. As a result, several types of security threats in dynamic IP configuration can be observed. In this paper, we present an ID based dynamic IP configuration scheme that can securely allocate IP addresses to the authorized hosts for a mobile ad hoc network without broadcasting over the entire network. Each host in the MANET can generate an unique IP address from its own IP address for a new host. The proposed scheme provides authentication for address configuration without the help of a trusted third party while taking care of the security-threats associated with dynamic IP configuration. Performance analysis shows that even with added security mechanisms our proposed addressing scheme has fairly good addressing latency and control overhead compared to the similar existing schemes. Moreover, the proposed scheme is able to solve the problem of network partitions and mergers along with the arrival and departure of a host efficiently and securely.     

A framework for enhancing mobile workflow execution through injection of flexible security controls

Mobile workflow execution is gaining importance as traditional process execution systems are employed in many new scenarios such as mobile networks or the Internet of Things. Unfortunately, in these solutions, security is still based on control loops or computer science techniques which have not evolved as fast as current mobile systems and applications. In this context, in order to improve the security level of these systems, it is necessary to create a security framework tightly coupled with the mobile workflow execution platforms. To contribute filling this gap, we propose a framework to inject security controls in workflows, which supports mobile execution and allows a flexible decision making. This solution models security as control points where some relevant previously defined indicators are evaluated. Depending on the obtained values, the framework takes corrective, preventive or adaptive actions, considering also the execution system capabilities and the workflow being executed. In order to evaluate the effectiveness and performance of the proposed solution we include experimental validation.     

An adaptive coding scheme with code combining for mobile radiosystems

The authors propose and study an adaptive error-control coding scheme for binary digital FM (BFM) mobile radio transmission. The scheme employs code combining through packet retransmissions. The number of transmissions of a packet is in proportion to the channel fading/noise levels, which is in contrast to time diversity techniques where a fixed number of repetitions of a data packet is performed even in the absence of channel errors. Furthermore, the receiver uses received signal envelopes as channel state information, which significantly improves the throughput and bit error rate (BER) performance. Performance of the proposed scheme is analyzed for frequency-flat Rayleigh fading channels with additive white Gaussian noise (AWGN), co-channel interference and random FM noise     

Modelling the land mobile satellite channel: a review

The use of satellite systems in the implementation of third-generation mobile communication systems obviously involves a propagation environment for the signal different from that in the conventional terrestrial first- and second-generation systems. The propagation conditions and phenomena met with are embraced by the expression `land mobile satellite (LMS) channel'. This paper reviews the studies of the LMS channel reported in the literature. The various models are classified and compared in such a way that their similarities and differences are apparent     

A secure group key management scheme for hierarchical mobile ad hoc networks

In this paper, we present a secure group key management scheme for hierarchical mobile ad hoc networks. Our approach aims to improve both scalability and survivability of group key management for large-scale wireless ad hoc networks. To achieve our goal, we propose the following approaches: (1) a multi-level security model, which follows a modified Bell-La Padula security model that is suitable in a hierarchical mobile ad hoc networking environment, and (2) a decentralized group key management infrastructure to achieve such a multi-level security model. Our approaches reduce the key management overhead and improve resilience to any single point failure problem. In addition, we have developed a roaming protocol that is able to provide secure group communication involving group members from different groups without requiring new keys; an advantage of this protocol is that it is able to provide continuous group communication even when the group manager fails.     

Cryptanalysis of digital multisignature schemes for authenticating delegates in mobile code systems

Shieh et al. proposed two multisignature schemes for message recovery -the parallel multisignature scheme and the serial multisignature scheme - for authenticating delegates in mobile code systems. In this paper, we will show that Shieh et al.'s multisignature schemes are vulnerable to insider forgery attacks hence cannot achieve the security requirements they claimed.     

An efficient and provably secure authenticated key agreement scheme for mobile edge computing

Wireless Networks - Though Mobile Cloud Computing (MCC) and Mobile Edge Computing (MEC) technologies have brought more convenience to mobile services over past few years, but security concerns like...     

A performance comparison of orthogonal code divisionmultiple-access techniques for mobile satellite communications

In recent years, code division multiple-access (CDMA) techniques have received a great deal of attention for mobile terrestrial/satellite communication systems. Primarily considered for the noteworthy features of low power flux density emission and robustness to interference and multipath, CDMA is known to bear reduced bandwidth and power efficiency when compared to traditional TDMA and FDMA due to the intrinsic cochannel self-noise. Early attempts to increase the capacity of CDMA-based systems for commercial applications relied on voice activation and frequency reuse. More recently, practical solutions to implement (synchronous) orthogonal CDMA signaling are being developed independently in Europe and in the USA. This paper is focused on the comparative performance analysis of those two orthogonal CDMA schemes in the operating renditions of a mobile satellite communications system. In particular, the two CDMA systems are compared in the presence of that and frequency-selective multipath fading and a typical satellite transponder nonlinearity. Most numerical results are derived through a time-domain system simulation that confirms and integrates the theoretical findings     

Analysis of a direct-sequence CDMA mobile radio system with reducedset of code sequences

A code-division multiple-access scheme that requires a reduced set of code sequences, in which the size of the set is much less than the number of users in the system, is proposed for mobile radio communications. A direct-sequence spread-spectrum signaling is adopted to exploit the property of high time resolution and combat fading effects through multipath diversity reception. Theoretical performance of the proposed system is analyzed by deriving the collision-free path distribution and determining the proper size of the set without reducing the effect of multipath diversity. In connection with the proposed system, two combining schemes are investigated to characterize the effects of the primary and secondary user interferences and evaluate the behavior of the error rate when compared to the original CDMA system