Authentication of Keys Distributed by the Diffie-Hellman Method for Mobile Devices based on Authentication Codes and Magnetometric Data

Q3 Mathematics

SPIIRAS Proceedings Pub Date : 2019-06-05 DOI:10.15622/SP.2019.18.3.705-740

V. Yakovlev

{"title":"Authentication of Keys Distributed by the Diffie-Hellman Method for Mobile Devices based on Authentication Codes and Magnetometric Data","authors":"V. Yakovlev","doi":"10.15622/SP.2019.18.3.705-740","DOIUrl":null,"url":null,"abstract":"The wide distribution of mobile wireless devices (smartphones, tablets, etc.) warrants cryptographic protection of information transmitted by these devices, which requires supplying these devices with keys and providing their authentication. Recently, research on key authentication methods within scenarios of pairing mobile devices, has been increasingly relevant. In these conditions, mobile devices are located close to each other, up to the physical contact, and an additional key sharing authenticated channel protected from interception is established for purposes of key authentication. \nThe analysis of additional channel versions: visual, acoustic, vibration, tactile, and magnetometric shows advantages of the latter one in terms of speed and reliability of authentication, as well as easer se of this channel compared to other methods. A magnetometer channel forms if there are magnetometers in mobile devices that measure the Earth’s magnetic field. Random fluctuations of the magnetic field at the measurement point allow to generate in a pair of mobile devices random sequences that coincide with a high probability and which can be used to authenticate session keys. \nThe “Magparing” protocol of mobile devices keys authentication, which are distributed by Diffie-Hellman method is studied. his protocol is based on the magnetometer data measuring. We demonstrate that the protocol is succeptible to “man-in-the-middle” attack. This fact is confirmed also by software AVISPA simulation. \nA new key authentication method based on the use of authenticating code (A-code) is proposed. Authenticators for Diffie-Hellman values are generated based on A-code blocks and random sequences obtained by the reading of magnetometer’s values. An approach for A-code parameters optimization, that conforms to the requirements for authentication key length and both to the probabilities of false key removal and false key deception, is investigated. We present an example of code parameters for key authentication with the length of 256 bits, providing the probability of a false key agreement of not greater than 10-9 and a probability of false rejection of a true key equal to –10–6, which shows viability of the proposed authentication method.","PeriodicalId":53447,"journal":{"name":"SPIIRAS Proceedings","volume":"65 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2019-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"SPIIRAS Proceedings","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.15622/SP.2019.18.3.705-740","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Mathematics","Score":null,"Total":0}

引用次数: 1

Abstract

The wide distribution of mobile wireless devices (smartphones, tablets, etc.) warrants cryptographic protection of information transmitted by these devices, which requires supplying these devices with keys and providing their authentication. Recently, research on key authentication methods within scenarios of pairing mobile devices, has been increasingly relevant. In these conditions, mobile devices are located close to each other, up to the physical contact, and an additional key sharing authenticated channel protected from interception is established for purposes of key authentication. The analysis of additional channel versions: visual, acoustic, vibration, tactile, and magnetometric shows advantages of the latter one in terms of speed and reliability of authentication, as well as easer se of this channel compared to other methods. A magnetometer channel forms if there are magnetometers in mobile devices that measure the Earth’s magnetic field. Random fluctuations of the magnetic field at the measurement point allow to generate in a pair of mobile devices random sequences that coincide with a high probability and which can be used to authenticate session keys. The “Magparing” protocol of mobile devices keys authentication, which are distributed by Diffie-Hellman method is studied. his protocol is based on the magnetometer data measuring. We demonstrate that the protocol is succeptible to “man-in-the-middle” attack. This fact is confirmed also by software AVISPA simulation. A new key authentication method based on the use of authenticating code (A-code) is proposed. Authenticators for Diffie-Hellman values are generated based on A-code blocks and random sequences obtained by the reading of magnetometer’s values. An approach for A-code parameters optimization, that conforms to the requirements for authentication key length and both to the probabilities of false key removal and false key deception, is investigated. We present an example of code parameters for key authentication with the length of 256 bits, providing the probability of a false key agreement of not greater than 10-9 and a probability of false rejection of a true key equal to –10–6, which shows viability of the proposed authentication method.

查看原文本刊更多论文

基于认证码和磁测数据的移动设备Diffie-Hellman方法密钥认证

移动无线设备(智能手机、平板电脑等)的广泛分布要求对这些设备传输的信息进行加密保护，这就需要为这些设备提供密钥并提供其认证。近年来，对移动设备配对场景下的密钥认证方法的研究越来越有意义。在这些条件下，移动设备彼此靠近，直到物理接触，并且为了密钥身份验证的目的，建立了一个防止被拦截的额外密钥共享身份验证通道。通过对其他通道版本:视觉、声学、振动、触觉和磁测的分析，显示了后者在认证速度和可靠性方面的优势，并且与其他方法相比，该通道更容易被看到。如果在测量地球磁场的移动设备中有磁力计，则形成磁力计通道。测量点磁场的随机波动允许在一对移动设备中产生高概率重合的随机序列，并可用于验证会话密钥。研究了采用Diffie-Hellman方法分发的移动设备密钥认证的“Magparing”协议。他的方案是基于磁力计的数据测量。我们证明了该协议容易受到“中间人”攻击。AVISPA软件仿真也证实了这一事实。提出了一种基于认证码(A码)的密钥认证方法。Diffie-Hellman值的验证器是根据读取磁力计值获得的a码块和随机序列生成的。研究了一种既符合认证密钥长度要求，又符合假密钥去除概率和假密钥欺骗概率的a码参数优化方法。我们给出了一个长度为256位的密钥认证代码参数示例，提供了不大于10-9的假密钥协议概率和等于-10-6的假拒绝真密钥的概率，这表明了所提出的认证方法的可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

SPIIRAS Proceedings Mathematics-Applied Mathematics

CiteScore

1.90

自引率

0.00%

发文量

审稿时长

14 weeks

期刊介绍： The SPIIRAS Proceedings journal publishes scientific, scientific-educational, scientific-popular papers relating to computer science, automation, applied mathematics, interdisciplinary research, as well as information technology, the theoretical foundations of computer science (such as mathematical and related to other scientific disciplines), information security and information protection, decision making and artificial intelligence, mathematical modeling, informatization.