Sep 13, 2007: Secret Handshakes with Dynamic and Fuzzy Matching
Filed in: Colloquium
Marina Blanton, University of
Notre Dame
The need for communication privacy over public networks is of growing concern in today's society. As a result, privacy-preserving authentication and key exchange protocols have become critical primitives in building secure distributed systems. Secret handshakes provide such a service by allowing two members of the same group to secretly and privately authenticate to each other and agree on a shared key for further communication.
Secret handshakes were also designed to work with roles, so that a group member A can specify the role another group member B must have in order to
successfully complete the protocol with A. Such extensions is what makes secret handshakes an interesting problem to work on. In this work, we extend
the flexibility of secret handshakes by allowing secret handshakes to be attribute-based which allows each party to specify the desired attributes of
the other. Furthermore, this extensions allows for approximate (or fuzzy) matching. We demonstrate the practicality and efficiency of our protocols by
evaluating a prototype implementation and integrating our dynamic matching protocol into IPsec.
Abstract
The need for communication privacy over public networks is of growing concern in today's society. As a result, privacy-preserving authentication and key exchange protocols have become critical primitives in building secure distributed systems. Secret handshakes provide such a service by allowing two members of the same group to secretly and privately authenticate to each other and agree on a shared key for further communication.
Secret handshakes were also designed to work with roles, so that a group member A can specify the role another group member B must have in order to
successfully complete the protocol with A. Such extensions is what makes secret handshakes an interesting problem to work on. In this work, we extend
the flexibility of secret handshakes by allowing secret handshakes to be attribute-based which allows each party to specify the desired attributes of
the other. Furthermore, this extensions allows for approximate (or fuzzy) matching. We demonstrate the practicality and efficiency of our protocols by
evaluating a prototype implementation and integrating our dynamic matching protocol into IPsec.