Efficient authentication for mobile and prevasive computing

Abstract

Message authentication is typically achieved by using message authentication codes (MACs) authenticated encryption or digital signatures. The message authentication code, also known as digital authenticator, is used as an integrity check based on a secret key shared by two parties to authenticate information transmitted betenthem. It is based on using a cryptographic hash or symmetric encryption algorithm. The authentication key is only shared by at least two parties or two communicating devices but it will fail in the existence of a third party since the algorithm will no longer be effective in detecting forgeries. In addition, the key must also be randomly generated to avoid its recovery through brute force searches and related key attacks designed to identify it from the messages transiting the medium. Securing the user message by providing authentication and security if the authenticated message must also be encrypted. With today's technology, many applications rely on the existence of small devices that can exchange information and form communication networks. In a significant portion of such applications, the confidentiality and integrity of the communicated messages are of particular interest. In this work, we propose two novel techniques for authenticating short encrypted messages that are directed to meet the requirements of mobile and pervasive applications. By taking advantage of the fact that the message to be authenticated must also be encrypted, we propose provably secure authentication codes that are more efficient than any message authentication code in the literature. The key idea behind the proposed techniques is to utilize the security that the encryption algorithm can provide to design more efficient authentication mechanisms, as opposed to using standalone authentication primitives.