BLIND: A complete identity protection framework for end-points

Jukka Ylitalo; Pekka Nikander; Matt Blaze; Pasi Eronen

BLIND: A complete identity protection framework for end-points

Jukka Ylitalo^*, Pekka Nikander, Matt Blaze, Pasi Eronen

^*Tämän työn vastaava kirjoittaja

Ei julkaistu Aalto-yliopiston affiliaatiolla

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference contribution › Scientific › vertaisarvioitu

9 Sitaatiot (Scopus)

Abstrakti

In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and eavesdroppers by blinding the identifiers. We complete the identity protection by offering location privacy with forwarding agents. To our knowledge, our privacy enhanced protocol is the first denial-of-service resistant two-round-trip key exchange protocol that offers identity protection for both communicating peers.

Alkuperäiskieli	Englanti
Otsikko	Security Protocols - 12th International Workshop, Revised Selected Papers
Kustantaja	Springer Verlag
Sivut	163-178
Sivumäärä	16
ISBN (painettu)	3540409254, 9783540409250
Tila	Julkaistu - 1 tammikuuta 2006
OKM-julkaisutyyppi	A4 Artikkeli konferenssijulkaisuussa
Tapahtuma	International Security Protocols Workshop - Cambridge, Iso-Britannia Kesto: 26 huhtikuuta 2004 → 28 huhtikuuta 2004

Julkaisusarja

Nimi	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Vuosikerta	3957 LNCS
ISSN (painettu)	0302-9743
ISSN (elektroninen)	1611-3349

Workshop

Workshop	International Security Protocols Workshop
Maa	Iso-Britannia
Kaupunki	Cambridge
Ajanjakso	26/04/2004 → 28/04/2004

Pääsy asiakirjaan

Link to publication in Scopus

Sormenjälki Sukella tutkimusaiheisiin 'BLIND: A complete identity protection framework for end-points'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä

Ylitalo, J., Nikander, P., Blaze, M., & Eronen, P. (2006). BLIND: A complete identity protection framework for end-points. teoksessa Security Protocols - 12th International Workshop, Revised Selected Papers (Sivut 163-178). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 3957 LNCS). Springer Verlag.

Ylitalo, Jukka ; Nikander, Pekka ; Blaze, Matt ; Eronen, Pasi. / BLIND : A complete identity protection framework for end-points. Security Protocols - 12th International Workshop, Revised Selected Papers. Springer Verlag, 2006. Sivut 163-178 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{1e2f9f32605841c79281d8accfe6bc16,

title = "BLIND: A complete identity protection framework for end-points",

abstract = "In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and eavesdroppers by blinding the identifiers. We complete the identity protection by offering location privacy with forwarding agents. To our knowledge, our privacy enhanced protocol is the first denial-of-service resistant two-round-trip key exchange protocol that offers identity protection for both communicating peers.",

author = "Jukka Ylitalo and Pekka Nikander and Matt Blaze and Pasi Eronen",

year = "2006",

month = jan,

day = "1",

language = "English",

isbn = "3540409254",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "163--178",

booktitle = "Security Protocols - 12th International Workshop, Revised Selected Papers",

address = "Germany",

note = "International Security Protocols Workshop ; Conference date: 26-04-2004 Through 28-04-2004",

}

Ylitalo, J, Nikander, P, Blaze, M & Eronen, P 2006, BLIND: A complete identity protection framework for end-points. julkaisussa Security Protocols - 12th International Workshop, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vuosikerta 3957 LNCS, Springer Verlag, Sivut 163-178, International Security Protocols Workshop, Cambridge, Iso-Britannia, 26/04/2004.

BLIND : A complete identity protection framework for end-points. / Ylitalo, Jukka; Nikander, Pekka; Blaze, Matt; Eronen, Pasi.

Security Protocols - 12th International Workshop, Revised Selected Papers. Springer Verlag, 2006. s. 163-178 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 3957 LNCS).

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference contribution › Scientific › vertaisarvioitu

TY - GEN

T1 - BLIND

T2 - International Security Protocols Workshop

AU - Ylitalo, Jukka

AU - Nikander, Pekka

AU - Blaze, Matt

AU - Eronen, Pasi

PY - 2006/1/1

Y1 - 2006/1/1

N2 - In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and eavesdroppers by blinding the identifiers. We complete the identity protection by offering location privacy with forwarding agents. To our knowledge, our privacy enhanced protocol is the first denial-of-service resistant two-round-trip key exchange protocol that offers identity protection for both communicating peers.

AB - In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and eavesdroppers by blinding the identifiers. We complete the identity protection by offering location privacy with forwarding agents. To our knowledge, our privacy enhanced protocol is the first denial-of-service resistant two-round-trip key exchange protocol that offers identity protection for both communicating peers.

UR - http://www.scopus.com/inward/record.url?scp=33749665654&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:33749665654

SN - 3540409254

SN - 9783540409250

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 163

EP - 178

BT - Security Protocols - 12th International Workshop, Revised Selected Papers

PB - Springer Verlag

Y2 - 26 April 2004 through 28 April 2004

ER -