Secure Pervasive Computing without a Trusted Third Party

Abstract

The miniaturization of computing devices and the need for ubiquitous communication has augmented the demand for pervasive computing. Security demands that all devices in a pervasive system must be able to authenticate each other and communicate in a secure manner. This is usually achieved through a Trusted Third Party like a Public Key Infrastructure (PKI) or a Key Distribution Centre (KDC). The establishment of such an entity in such a dynamic environment is neither feasible nor pragmatic. In this paper we present a novel mechanism for authentication and key exchange that can operate seamlessly in pervasive computing environments without the presence of a Trusted Third Party. The proposed scheme has minimal computational requirements, which makes it most suitable for devices with limited resources.