Project 312 (3rd year)
Investigation on Advanced Remote Authentication Technologies
| The project goals and research problems are focused on developing Remote Authentication Protocol for Mobile Devices used in ubiquitous or pervasive computing environment. In a public mobile digital network, the high-security remote authentication is a necessary component for establishing a trustworthy communication. This field is a part of the main research directions at CyLab at CMU. The internationally acclaimed team at CMU developed many theoretical and practical advances in remote authentication techniques, and this has made CMU as the leader of mainstream research in this area. |
| (1) | GAnGS: In the first half of this year, we focused on the distribution of authentic information in a group. Current security protocols for distributing authentic information fail to consider the human element. For example, many group protocols simply assume that people will always count the number of members and verify the list of members correctly. We take the human factor into consideration. We designed GAnGS (Group Authenticate n'Group Securely), the first fully implemented mobile system for enabling secure group communication. We implemented two variants on the Nokia N70. One variant (GAnGS-P) relies on a communication hub which need not be trusted. The second invariant (GAnGS-T) uses no infrastructure at all. |
| (2) | SPATE: In the second half year, we focused on exchanging authentic information in a small group. According to Zipf's law, small group occurs in human interactions all the time. Establishment of communication between people for exchanging authentic information is quite important and practical. Although GAnGS protocol can solve this problem, it is more suitable for large scale groups. In small groups, the performance is not as well as we expected. Therefore, we present SPATE (Small-group PKI-less Authenticated Trust Establishment) to meet the requirements. Similar to the GAnGS, SPATE lets user exchange authentic information through physical connection. The difference between two protocols is GAnGS uses peer-to-peer connection to exchange information, but SPATE is more efficient to make use of point-to-multiple-points connection to build a broadcast channel between devices. Moreover, we extend SPATE to the securing mail system. Traditional secure mail system should be deployed under PKI architecture. In SPATE, we adopt self-signed certificate authority to remove PKI deployment overhead. After users establish trust relation through physical connection, exchanged authentic information can be used for providing data privacy, integrity and user authentication in mail system. In addition, our work is not limited to the Symbian operation system using N70 smart phones. As part of the effort to strengthen the self-reliance for Taiwan in the information security sector, we have begun to implement the same protocols on Windows Mobile devices as a preliminary step for technology transfer to industry. Our version of SiB on a local DoPod handset is the first visually-cued authenticated key exchange protocol implemented on a Microsoft platform to the best of our knowledge. |
Achievements and Contributions
Member List
| Country | Organization | Full Name | Title | |
|---|---|---|---|---|
Taiwan |
TWISC |
Lin, Phen-Lan |
PI |
|
Taiwan |
TWISC |
Wu, Tzong-Chen |
Co-PI |
|
Taiwan |
TWISC |
Yang, Bo-Yin |
Co-PI |
|
Taiwan |
TWISC |
Sun, Hung-Min |
Investigator |
|
Taiwan |
TWISC |
Lai, Yan-Hao |
Student |
|
Taiwan |
TWISC |
Lin, Yue-Hsun |
Student |
|
Taiwan |
TWISC |
Wang, King-Hang |
Student |
|
Taiwan |
TWISC |
Chen, Jian-Xiang |
Student |
|
Taiwan |
TWISC |
Hu, Yu-Ming |
Student |
|
Taiwan |
TWISC |
Huang, Chia-Cheng |
Student |
|
Taiwan |
TWISC |
Lin Wei-Hua |
Student |
|
Taiwan |
TWISC |
Yeh, Chih-Wen |
Student |
|
Taiwan |
TWISC |
Tsang, Ping-Liu |
Student |
|
US |
CMU |
Adrian Perrig |
CPI |
|
US |
CMU |
Hsu-Chun Hsiao |
Student |
|
US |
CMU |
Jonathan M. McCune |
Student |
|
US |
CMU |
Ghita Mezzour |
Student |
|
US |
CMU |
Ahren Studer |
Student |
Project 300 Orgnization Chart (in Hanzi)
Required Documents (3rd year)
Self-Assessment Presentation File (Internal Review Meeting)
Midterm Report (External Review Meeting)
Final Report (External Review Meeting)