A Mobile World of Security

Security in mobile communications is a topic of increasing relevance in everyday life. We all use mobile devices for everyday communications, maybe even for exchanging confidential information with the work place. This requires security systems that are reliable and stable even though mobility and number of users are increasing. An established solution in today's systems is to use symmetric cryptographic systems by relying on pre-established secrets. There are a few drawbacks. The first problem is that all security information is stored in one central storage place. This implies that users are required to trust this storage place. They need to trust that data is properly handled and well protected. The mechanism of storing pre-established long-term secrets at a central storage also makes it vulnerable to adversaries. As soon as someone gains access to it, he automatically has access to all secret information necessary to capture communications. A second problem is that security mechanisms implemented in today's mobile communication systems were designed for a moderate number of users. Since then, the number of users has grown significantly and continues to do so. It would thus be desirable to have a system that is flexible in terms of the number of users it can handle. The third and maybe the most crucial problem is the fact that today's security systems rely on computational cryptography. This means that the security mechanisms in cellular communication systems were designed with limited computational power of the adversary in mind. However, the computational power of computers is growing and systems might be breakable in the near future. A complementary notion of security is information-theoretic security. Systems built in this spirit are unbreakable even with unlimited computational power. These systems exploit the knowledge of statistical properties of the environment. This means mainly that security systems can be proved to be secure with respect to assumptions on the correlated sources and with respect to the nature of the knowledge the adversary can gain. The main idea of information-theoretic security is that two communication partners have access to correlated random sources. An adversary being potentially present in the system, has only degraded access to the source. The common knowledge can be used in order to generate sequences that are very similar among each other. Because the adversary has access to the random source, he is able to generate his own version of the sequence. It is fundamental that the sequences of the communicationpartners are stronger correlated among each other than with respect to the adversary. This advantage in knowledge can be interpreted as a secret among the communication partners to the adversary. In communicating over an authenticated but public channel, this secret can be extracted from the original sequence by both parties. In order for both keys to be equal, the original sequences need to coincide. This

Graph Chatbot

Secure and Efficient Cryptographic Algorithms in a Quantum World

On the Theory and Practice of Modern Secure Messaging

Side-channel analysis of isogeny-based key encapsulation mechanisms and hash-based digital signatures

Secure and Efficient Cryptographic Algorithms in a Quantum World

On the Theory and Practice of Modern Secure Messaging

Side-channel analysis of isogeny-based key encapsulation mechanisms and hash-based digital signatures