WO2017135866A1 - Method and system for assurance of message integrity - Google Patents

Method and system for assurance of message integrity Download PDF

Info

Publication number
WO2017135866A1
WO2017135866A1 PCT/SE2017/050040 SE2017050040W WO2017135866A1 WO 2017135866 A1 WO2017135866 A1 WO 2017135866A1 SE 2017050040 W SE2017050040 W SE 2017050040W WO 2017135866 A1 WO2017135866 A1 WO 2017135866A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic device
message
signature
key shared
verifying
Prior art date
Application number
PCT/SE2017/050040
Other languages
French (fr)
Inventor
Aysajan Abidin
Ryan AMIRI
Erika ANDERSSON
Petros WALLDEN
Original Assignee
Itsecured Europe Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from GBGB1601759.2A external-priority patent/GB201601759D0/en
Priority claimed from SE1650355A external-priority patent/SE542333C2/en
Application filed by Itsecured Europe Ab filed Critical Itsecured Europe Ab
Publication of WO2017135866A1 publication Critical patent/WO2017135866A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms

Definitions

  • the present disclosure relates to a computer-implemented method for assurance of message integrity for a message transmitted within a network environment.
  • the disclosure also relates to a corresponding communication system and to a computer program product.
  • a digital signature is a cryptographic primitive that provides a means for a user or an entity to bind its identity to a piece of information.
  • a digital signature of a message is a sequence of bytes dependent on some secret known only to the signer, and, additionally, on the content of the message being signed. Such signatures must be verifiable, if a dispute arises as to whether a party signed the message.
  • the process of signing entails transforming the message and a key unique to a particular user into a tag called a digital signature.
  • a digital signature may be used to prove the identity of the sender and the integrity of data.
  • a recipient of a digitally signed message can use a verification rule associated with the digital signature scheme. Any attempt to modify the contents of the message or forge a signature will be detected when the signature is verified.
  • WO2010070459 provides an example within this area, specifically adapted for relaying messages between two or more radio transceivers in a radio network. Even though WO2010070459 provides a promising approach, the implementation is complicated and not specifically useful in when
  • the above is at least partly met by a computer-implemented method for assurance of message integrity for a message transmitted within a network environment, the network environment comprising a first, a second and a third electronic device connected by a network connection, the method comprising the steps of forming, at the first electronic device, the message, forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device, transmitting the message and the signature from the first electronic device to the second electronic device, verifying, at the second electronic device, the signature, transmitting the message and the signature from the second electronic device to the third electronic device, verifying, at the third electronic device, the signature, wherein a successful verification at the third electronic device assures message integrity.
  • the present inventors have identified that it should be possible to in a trustful manner distribute and relay messages within a network environment comprising a plurality of electronic devices, without the absolute necessity of using a trusted third party as is commonly applied by prior-art solutions.
  • secrets may in some embodiments of the invention be shared directly between the electronic devices.
  • the keys applied for forming the signature may typically need fewer secret shared bits for achieving the same level of security as compared to prior-art solutions. This will accordingly result in shorter signatures and thus improves the computational efficiency of the disclosed method.
  • a first, a second and a third electronic device is comprised within the network environment. However, it should be understood that further electronic devices may be included. Keys must in such a case be shared between each of the electronic devices as will be further elaborated below.
  • the first electronic device also acts as entity of forming the keys to be shared between the electronic devices. This will accordingly result in that only the first electronic device may transmit a message to the second/third electronic device. It should however be understood that each of the second and the third electronic device may be configured in a similar manner and form keys to be shared between the remaining electronic devices. This will thus allow also the second/third electronic device to send messages to the remaining electronic devices.
  • the keys shared between the electronic devices are unconditionally secure keys. Communication using unconditional security will also for protection against all known attacks, as will be further elaborated below.
  • a communication system comprising a first, a second and a third electronic device connected by a network connection, wherein the communication system is configured for assurance of message integrity for a message transmitted between the electronic devices by forming, at the first electronic device, the message, forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device, transmitting the message and the signature from the first electronic device to the second electronic device, verifying, at the second electronic device, the signature, transmitting the message and the signature from the second electronic device to the third electronic device, and verifying, at the third electronic device, the signature, wherein a successful verification at the third electronic device assures message integrity.
  • a computer program product comprising a computer program product comprising a computer readable medium having stored thereon computer program means for a communication system comprising a first, a second and a third electronic device connected by a network connection, wherein the communication system is configured for assurance of message integrity for a message transmitted between the electronic devices
  • the computer program product comprises code for forming, at the first electronic device, the message, code for forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device, code for transmitting the message and the signature from the first electronic device to the second electronic device, code for verifying, at the second electronic device, the signature, code for transmitting the message and the signature from the second electronic device to the third electronic device, and code for verifying, at the third electronic device, the signature, wherein a successful verification at the third electronic
  • a software executed by the server for operation in accordance to the invention may be stored on a computer readable medium, being any type of memory device, including one of a removable nonvolatile random access memory, a hard disk drive, a floppy disk, a CD-ROM, a DVD-ROM, a USB memory, an SD memory card, or a similar computer readable medium known in the art.
  • Fig. 1 conceptually illustrates a network environment comprising a plurality of electronic devices, where the present concept may be applied;
  • Fig. 2 illustrates an exemplary secret key sharing scheme according to an embodiment of the invention.
  • Fig. 3 illustrates an exemplary messaging phase in line with a currently preferred embodiment of the invention.
  • a “receiver” is a party to an integral communication transaction that operates to receive a message, perhaps encrypted, from a sender.
  • a "sender” is a party to an integral communication transaction that operates to send a message to the receiver.
  • the message that is sent may in some embodiments of the invention be encrypted.
  • a “signature” means an electronic signature, which may comprise a digital electronic signature.
  • an electronic signature is the transformation of a message using a cryptosystem (e.g., an asymmetric cryptosystem) such that a machine having the initial message and the signer's public key can accurately determine whether the transformation was created using the private key that corresponds to the signer's public key, and whether the initial message has been altered since the transformation was made.
  • a "trusted third party” or TTP is an entity that facilitates interactions between two parties (e.g., a sender and a receiver) that both trust the third party. The parties that trust the TTP use this trust to secure their own interactions.
  • Embodiments of the invention can be implemented in a variety of architectural platforms, operating and server systems, devices, systems, nodes, and applications. Any particular architectural layout or implementation presented herein is thus provided for purposes of illustration and
  • the electronic devices 102, 104, 106 may for example include mobile phones, desktop computers, laptops, tablets, servers, etc.
  • the electronic devices 102, 104, 106 are connected to each other using a network communication (wired or wireless), such as using a WAN, LAN or an Internet connection.
  • the electronic devices 102, 104, 106 may be components of a wireless ad hoc network (WANET), being a decentralized type of wireless network.
  • the message may be sensor data collected (measured and/or received) e.g. by the first electronic 102.
  • the sensor data/message is then to be provided to an end node in a safe manner, where it is desirable to provide assurance of message integrity for the sensor data once received at the end node.
  • Exemplary implementations may for example include industry automation, military, agriculture, etc.
  • appropriate sensors may be connected to e.g. the first electronic device 102 and relayed by the second electronic device 104 to the third electronic device 106 (to a fourth electronic device, etc.).
  • a humidity level may be measured and relayed to the end node.
  • a typical implementation of the invention includes a setup phase and a messaging phase.
  • secret keys are shared between the electronic devices 102, 104, 106.
  • a first set of secret keys are shared between the first 102 and the second 104 electron device.
  • a second set of secret keys are also shared between the first 102 and the third 106 electronic device, as well as a third set of secret keys shared between the second 104 and the third 106 electronic device.
  • a plurality of functions are chosen from a set of universal hash functions for forming the sets of secret keys.
  • the first electronic device 102 is configured to generate the sets of secret keys.
  • a first portion of the secret keys (f-i , f 2 , ... , f 2 k) are provided from the first electronic device 102 to the second electronic device 104, and a second portion of the secret keys (f 2 k+i , f2k+2, ⁇ f k) are provided from the first electronic device 102 to the third electronic device 106.
  • the second electronic device 104 provides a subset of the first portion of secret keys to the third electronic device 106
  • the third electronic device 106 provides a subset of the second portion of secret of keys to the second electronic device 104.
  • the subsets of keys provided/received from the respective second 104 and third 106 electronic devices are selected in a predetermined manner, for example based on a predetermined selection scheme, randomly, semi-randomly, or in any similar way.
  • the portion/sets/subsets of secret keys are preferably shared between the electronic devices 102, 104, 106 in a secret manner, for example using a secure channel connecting the electronic devices 102, 104, 106.
  • the secure channel must not necessarily be the same communication channel (network) as used for communicating the message between the electronic devices 102, 104, 106.
  • the secret keys are generated "off line" in a manufacturing phase for the electronic devices 102, 104, 106.
  • Such an implementation could for example be useful in relation to the above mentioned ad hoc implementation of the invention. Accordingly, in such an implementation the electronic devices 102, 104, 106 will be preprogrammed with a plurality of secrets shared between each of the electronic devices 102, 104, 106. It should be understood that such an implementation would make it possible to allocate any of the electronic devices 102, 104, 106 as the electronic device arranged to collect/receive sensor data and relay onwards to any of the remaining electronic devices.
  • the term “key 1 " will correspond to the first portion of the secret keys shared between the first electronic device 102 and the second electronic device 104.
  • the term “key 2" will correspond to the second portion of the secret keys shared between the first electronic device 102 and the third electronic device 106.
  • the term “key 3” will correspond to the subsets of keys shared between the second electronic device 104 and the third electronic device 106.
  • the first electronic device 102 (denoted as the "sender") wants to send a message, m.
  • the message, m is to be provided to the second electronic device 104 (denoted as “receiver 1 ”) and then provided onwards to the third electronic device 106 (denoted as
  • receiver 2 e.g. being the end node for receiving the message.
  • the message, m is together with key 1 and key 2 provided to a signature generator for forming a digital signature as has been discussed above.
  • the message, m is then transmitted by the first electronic device 102 together with the digital signature to the second electronic device 104.
  • the second electronic device 104 receives the message-signature pair and verifies the signature using the secret keys "kept" by the second electronic device 104. As is understood, the second electronic device 104 will have both key 1 and key 3 available. The second electronic device 104 is to validate "all" of the keys included with key 1 and key 3.
  • the process stops and the message is rejected.
  • the message-signature pair is forwarded from the second electronic device 104 to the third electronic device 106.
  • the third electronic device 106 will in a similar manner validate the digital signature. As understood from the above, the third electronic device 106 will have key 2 and key 3 available. The third electronic device 106 will as in regards to the second electronic device 104 validate "all" of the keys included with key 2 and key 3. In case the validation turns out positively, the integrity of the message is kept. However, if the validation fails the message has been compromised and is thus rejected.
  • the key distribution (setup phase) must in such a case be scaled accordingly and keys is to be distributed between the plurality of electronic devices. For example, in case four electronic devices are included (the first electronic device again being the device forming the keys), keys are to be shared between the first and the second electronic device, the first and the third electronic device, the first and the fourth electronic device, and so on between the second, third and fourth electronic device.
  • keys are to be shared between the first and the second electronic device, the first and the third electronic device, the first and the fourth electronic device, and so on between the second, third and fourth electronic device.
  • the same concept may be applied if further electronic devices are introduced "along the line", e.g. where in an initial stage only three electronic devices are included and then increased to four electronic devices.
  • a computer-implemented method for assurance of message integrity for a message transmitted within a network environment comprising a first, a second and a third electronic device connected by a network connection
  • the method comprising the steps of forming, at the first electronic device, the message, forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device, transmitting the message and the signature from the first electronic device to the second electronic device, verifying, at the second electronic device, the signature, transmitting the message and the signature from the second electronic device to the third electronic device, verifying, at the third electronic device, the signature, wherein a successful verification at the third electronic device assures message integrity.
  • Advantages with the invention includes the possibility of trustful communication within a network environment, where a message is to be relayed between a plurality of electronic devices with high necessity of assuring message integrity.
  • the present disclosure contemplates methods and program products on any machine-readable media for accomplishing various operations.
  • the embodiments of the present disclosure may be implemented using existing computer processors, or by a special purpose computer processor for an appropriate system, incorporated for this or another purpose, or by a hardwired system.
  • Embodiments within the scope of the present disclosure include program products comprising machine-readable media for carrying or having machine-executable instructions or data structures stored thereon.
  • Such machine-readable media can be any available media that can be accessed by a general purpose or special purpose computer or other machine with a processor.
  • machine-readable media can comprise RAM, ROM, EPROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to carry or store desired program code in the form of machine-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer or other machine with a processor.
  • a network or another communications connection either hardwired, wireless, or a combination of hardwired or wireless
  • any such connection is properly termed a machine-readable medium.
  • Machine-executable instructions include, for example, instructions and data which cause a general purpose computer, special purpose computer, or special purpose processing machines to perform a certain function or group of functions.

Abstract

The present disclosure relates to a computer-implemented method for assurance of message integrity for a message transmitted within a network environment. The disclosure also relates to a corresponding communication system and to a computer program product.

Description

METHOD AND SYSTEM FOR ASSURANCE OF MESSAGE INTEGRITY
TECHNICAL FIELD
The present disclosure relates to a computer-implemented method for assurance of message integrity for a message transmitted within a network environment. The disclosure also relates to a corresponding communication system and to a computer program product.
BACKGROUND OF THE INVENTION
A digital signature is a cryptographic primitive that provides a means for a user or an entity to bind its identity to a piece of information. A digital signature of a message is a sequence of bytes dependent on some secret known only to the signer, and, additionally, on the content of the message being signed. Such signatures must be verifiable, if a dispute arises as to whether a party signed the message. The process of signing entails transforming the message and a key unique to a particular user into a tag called a digital signature. A digital signature may be used to prove the identity of the sender and the integrity of data. To verify the digital signature, a recipient of a digitally signed message can use a verification rule associated with the digital signature scheme. Any attempt to modify the contents of the message or forge a signature will be detected when the signature is verified.
In some instances it may be desirable to allow a signed message to be read by a first recipient and then relayed to a second recipient, where the second recipient should be able to trust that the message was originating from a specific sender. That is, it will be desirable for the second recipient to be able to trust that the first recipient has not changed the message before its relay.
Known implementations of such a strategy may be useful e.g. in hierarchal environments, such as for example in a military application.
WO2010070459 provides an example within this area, specifically adapted for relaying messages between two or more radio transceivers in a radio network. Even though WO2010070459 provides a promising approach, the implementation is complicated and not specifically useful in when
transmitting/receiving messages in a general network environment.
Accordingly, it would be desirable to provide further improvements as to trusted communication within a network environment, allowing assurance of message integrity while at the same time keeping the computational complexity to a minimum.
SUMMARY OF THE INVENTION
According to a first aspect of the disclosure, the above is at least partly met by a computer-implemented method for assurance of message integrity for a message transmitted within a network environment, the network environment comprising a first, a second and a third electronic device connected by a network connection, the method comprising the steps of forming, at the first electronic device, the message, forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device, transmitting the message and the signature from the first electronic device to the second electronic device, verifying, at the second electronic device, the signature, transmitting the message and the signature from the second electronic device to the third electronic device, verifying, at the third electronic device, the signature, wherein a successful verification at the third electronic device assures message integrity.
The present inventors have identified that it should be possible to in a trustful manner distribute and relay messages within a network environment comprising a plurality of electronic devices, without the absolute necessity of using a trusted third party as is commonly applied by prior-art solutions.
Rather, secrets may in some embodiments of the invention be shared directly between the electronic devices.
In accordance to the invention, the keys applied for forming the signature may typically need fewer secret shared bits for achieving the same level of security as compared to prior-art solutions. This will accordingly result in shorter signatures and thus improves the computational efficiency of the disclosed method. In the above discussion, only a first, a second and a third electronic device is comprised within the network environment. However, it should be understood that further electronic devices may be included. Keys must in such a case be shared between each of the electronic devices as will be further elaborated below.
In an implementation of the invention, the first electronic device also acts as entity of forming the keys to be shared between the electronic devices. This will accordingly result in that only the first electronic device may transmit a message to the second/third electronic device. It should however be understood that each of the second and the third electronic device may be configured in a similar manner and form keys to be shared between the remaining electronic devices. This will thus allow also the second/third electronic device to send messages to the remaining electronic devices.
Preferably, the keys shared between the electronic devices are unconditionally secure keys. Communication using unconditional security will also for protection against all known attacks, as will be further elaborated below.
According to a second aspect of the disclosure there is provided a communication system comprising a first, a second and a third electronic device connected by a network connection, wherein the communication system is configured for assurance of message integrity for a message transmitted between the electronic devices by forming, at the first electronic device, the message, forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device, transmitting the message and the signature from the first electronic device to the second electronic device, verifying, at the second electronic device, the signature, transmitting the message and the signature from the second electronic device to the third electronic device, and verifying, at the third electronic device, the signature, wherein a successful verification at the third electronic device assures message integrity. This aspect of the invention provides similar advantages as discussed above in relation to the first aspect of the disclosure. According to a third aspect of the disclosure there is provided a computer program product comprising a computer program product comprising a computer readable medium having stored thereon computer program means for a communication system comprising a first, a second and a third electronic device connected by a network connection, wherein the communication system is configured for assurance of message integrity for a message transmitted between the electronic devices, wherein the computer program product comprises code for forming, at the first electronic device, the message, code for forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device, code for transmitting the message and the signature from the first electronic device to the second electronic device, code for verifying, at the second electronic device, the signature, code for transmitting the message and the signature from the second electronic device to the third electronic device, and code for verifying, at the third electronic device, the signature, wherein a successful verification at the third electronic device assures message integrity. Also this aspect of the invention provides similar advantages as discussed above in relation to the first and second aspects of the disclosure.
A software executed by the server for operation in accordance to the invention may be stored on a computer readable medium, being any type of memory device, including one of a removable nonvolatile random access memory, a hard disk drive, a floppy disk, a CD-ROM, a DVD-ROM, a USB memory, an SD memory card, or a similar computer readable medium known in the art.
Further features of, and advantages with, the present disclosure will become apparent when studying the appended claims and the following description. The skilled addressee realize that different features of the present disclosure may be combined to create embodiments other than those described in the following, without departing from the scope of the present disclosure.
Some portions of the detailed descriptions which follow are presented in terms of algorithms and symbolic representations of operations. These algorithmic descriptions and representations are the means used by those skilled in the data processing arts to most effectively convey the substance of their work to others skilled in the art. An algorithm is here, and generally, conceived to be a self-consistent sequence of steps leading to a desired result. The steps are those requiring physical manipulations of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It has proven convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers, or the like.
It should be borne in mind, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities. Unless specifically stated otherwise as apparent from the following discussion, it is appreciated that throughout the description, discussions utilizing terms such as "processing" or "computing" or "calculating" or "determining" or "displaying" or the like, refer to the action and processes of a computer system, or similar electronic computing device, that manipulates and transforms data represented as physical (electronic) quantities within the computer system's registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage, transmission or display devices.
The algorithms and displays presented herein are not inherently related to any particular computer or other apparatus. Various general purpose systems may be used with programs in accordance with the teachings herein, or it may prove convenient to construct more specialized apparatus to perform the required method steps. The required structure for a variety of these systems will appear from the description below. In addition, the present invention is not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the invention as described herein. BRIEF DESCRIPTION OF THE DRAWINGS
The various aspects of the disclosure, including its particular features and advantages, will be readily understood from the following detailed description and the accompanying drawings, in which:
Fig. 1 conceptually illustrates a network environment comprising a plurality of electronic devices, where the present concept may be applied;
Fig. 2 illustrates an exemplary secret key sharing scheme according to an embodiment of the invention; and
Fig. 3 illustrates an exemplary messaging phase in line with a currently preferred embodiment of the invention.
DETAILED DESCRIPTION
The present disclosure will now be described more fully hereinafter with reference to the accompanying drawings, in which example
embodiments of the disclosure are shown. This disclosure may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided for thoroughness and completeness, and fully convey the scope of the disclosure to the skilled addressee. Like reference characters refer to like elements throughout.
A "receiver" is a party to an integral communication transaction that operates to receive a message, perhaps encrypted, from a sender.
A "sender" is a party to an integral communication transaction that operates to send a message to the receiver. The message that is sent may in some embodiments of the invention be encrypted.
A "signature" means an electronic signature, which may comprise a digital electronic signature. Thus, an example of an electronic signature is the transformation of a message using a cryptosystem (e.g., an asymmetric cryptosystem) such that a machine having the initial message and the signer's public key can accurately determine whether the transformation was created using the private key that corresponds to the signer's public key, and whether the initial message has been altered since the transformation was made. A "trusted third party" or TTP is an entity that facilitates interactions between two parties (e.g., a sender and a receiver) that both trust the third party. The parties that trust the TTP use this trust to secure their own interactions.
Embodiments of the invention can be implemented in a variety of architectural platforms, operating and server systems, devices, systems, nodes, and applications. Any particular architectural layout or implementation presented herein is thus provided for purposes of illustration and
comprehension only, and is not intended to limit the various embodiments.
With further reference to the drawings and to Fig. 1 in particular, the following description is given with the idea of transmitting a message from a first electronic device 102 to a second electronic device 104. The message will then be further relayed to a third electronic device 106. It should of course be understood that further electronic devices may be included. The electronic devices 102, 104, 106 may for example include mobile phones, desktop computers, laptops, tablets, servers, etc. The electronic devices 102, 104, 106 are connected to each other using a network communication (wired or wireless), such as using a WAN, LAN or an Internet connection.
Possibly, the electronic devices 102, 104, 106 may be components of a wireless ad hoc network (WANET), being a decentralized type of wireless network. In such an implementation the message may be sensor data collected (measured and/or received) e.g. by the first electronic 102. The sensor data/message is then to be provided to an end node in a safe manner, where it is desirable to provide assurance of message integrity for the sensor data once received at the end node. Exemplary implementations may for example include industry automation, military, agriculture, etc. In each of such implementations appropriate sensors may be connected to e.g. the first electronic device 102 and relayed by the second electronic device 104 to the third electronic device 106 (to a fourth electronic device, etc.). In an
agriculture implementation e.g. a humidity level may be measured and relayed to the end node.
A typical implementation of the invention includes a setup phase and a messaging phase. In the setup phase, with further reference to Fig. 2, secret keys are shared between the electronic devices 102, 104, 106. Specifically, a first set of secret keys are shared between the first 102 and the second 104 electron device. A second set of secret keys are also shared between the first 102 and the third 106 electronic device, as well as a third set of secret keys shared between the second 104 and the third 106 electronic device.
In accordance to the invention, a plurality of functions (f-i , f2, f4k) are chosen from a set of universal hash functions for forming the sets of secret keys. In the described implementation the first electronic device 102 is configured to generate the sets of secret keys. A first portion of the secret keys (f-i , f2, ... , f2k) are provided from the first electronic device 102 to the second electronic device 104, and a second portion of the secret keys (f2k+i , f2k+2, ■■ f k) are provided from the first electronic device 102 to the third electronic device 106. In addition, the second electronic device 104 provides a subset of the first portion of secret keys to the third electronic device 106, and the third electronic device 106 provides a subset of the second portion of secret of keys to the second electronic device 104.
Preferably, the subsets of keys provided/received from the respective second 104 and third 106 electronic devices are selected in a predetermined manner, for example based on a predetermined selection scheme, randomly, semi-randomly, or in any similar way.
The portion/sets/subsets of secret keys are preferably shared between the electronic devices 102, 104, 106 in a secret manner, for example using a secure channel connecting the electronic devices 102, 104, 106. The secure channel must not necessarily be the same communication channel (network) as used for communicating the message between the electronic devices 102, 104, 106.
In a possible embodiment of the invention, the secret keys are generated "off line" in a manufacturing phase for the electronic devices 102, 104, 106. Such an implementation could for example be useful in relation to the above mentioned ad hoc implementation of the invention. Accordingly, in such an implementation the electronic devices 102, 104, 106 will be preprogrammed with a plurality of secrets shared between each of the electronic devices 102, 104, 106. It should be understood that such an implementation would make it possible to allocate any of the electronic devices 102, 104, 106 as the electronic device arranged to collect/receive sensor data and relay onwards to any of the remaining electronic devices.
In Fig. 2 (and Fig. 3), the term "key 1 " will correspond to the first portion of the secret keys shared between the first electronic device 102 and the second electronic device 104. Similarly, the term "key 2" will correspond to the second portion of the secret keys shared between the first electronic device 102 and the third electronic device 106. Finally, the term "key 3" will correspond to the subsets of keys shared between the second electronic device 104 and the third electronic device 106.
With further reference to Fig. 3, there is provided an example of the messaging phase implemented in line with the inventive concept. In the illustration provided in line with Fig. 3, the first electronic device 102 (denoted as the "sender") wants to send a message, m. The message, m, is to be provided to the second electronic device 104 (denoted as "receiver 1 ") and then provided onwards to the third electronic device 106 (denoted as
"receiver 2", e.g. being the end node for receiving the message).
The message, m, is together with key 1 and key 2 provided to a signature generator for forming a digital signature as has been discussed above. The message, m, is then transmitted by the first electronic device 102 together with the digital signature to the second electronic device 104.
The second electronic device 104 receives the message-signature pair and verifies the signature using the secret keys "kept" by the second electronic device 104. As is understood, the second electronic device 104 will have both key 1 and key 3 available. The second electronic device 104 is to validate "all" of the keys included with key 1 and key 3.
In case the digital signature is determined not to be valid, the process stops and the message is rejected. However, in case the digital signature is determined to be valid, the message-signature pair is forwarded from the second electronic device 104 to the third electronic device 106.
The third electronic device 106 will in a similar manner validate the digital signature. As understood from the above, the third electronic device 106 will have key 2 and key 3 available. The third electronic device 106 will as in regards to the second electronic device 104 validate "all" of the keys included with key 2 and key 3. In case the validation turns out positively, the integrity of the message is kept. However, if the validation fails the message has been compromised and is thus rejected.
As was explained above, more than three electronic devices 102, 104,
106 may be included for performing the inventive method. The key distribution (setup phase) must in such a case be scaled accordingly and keys is to be distributed between the plurality of electronic devices. For example, in case four electronic devices are included (the first electronic device again being the device forming the keys), keys are to be shared between the first and the second electronic device, the first and the third electronic device, the first and the fourth electronic device, and so on between the second, third and fourth electronic device. The same concept may be applied if further electronic devices are introduced "along the line", e.g. where in an initial stage only three electronic devices are included and then increased to four electronic devices.
In summary, there is provided a computer-implemented method for assurance of message integrity for a message transmitted within a network environment, the network environment comprising a first, a second and a third electronic device connected by a network connection, the method comprising the steps of forming, at the first electronic device, the message, forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device, transmitting the message and the signature from the first electronic device to the second electronic device, verifying, at the second electronic device, the signature, transmitting the message and the signature from the second electronic device to the third electronic device, verifying, at the third electronic device, the signature, wherein a successful verification at the third electronic device assures message integrity.
Advantages with the invention includes the possibility of trustful communication within a network environment, where a message is to be relayed between a plurality of electronic devices with high necessity of assuring message integrity.
The present disclosure contemplates methods and program products on any machine-readable media for accomplishing various operations. The embodiments of the present disclosure may be implemented using existing computer processors, or by a special purpose computer processor for an appropriate system, incorporated for this or another purpose, or by a hardwired system. Embodiments within the scope of the present disclosure include program products comprising machine-readable media for carrying or having machine-executable instructions or data structures stored thereon. Such machine-readable media can be any available media that can be accessed by a general purpose or special purpose computer or other machine with a processor. By way of example, such machine-readable media can comprise RAM, ROM, EPROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to carry or store desired program code in the form of machine-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer or other machine with a processor. When information is transferred or provided over a network or another communications connection (either hardwired, wireless, or a combination of hardwired or wireless) to a machine, the machine properly views the connection as a machine-readable medium. Thus, any such connection is properly termed a machine-readable medium. Combinations of the above are also included within the scope of machine-readable media. Machine-executable instructions include, for example, instructions and data which cause a general purpose computer, special purpose computer, or special purpose processing machines to perform a certain function or group of functions.
Although the figures may show a specific order of method steps, the order of the steps may differ from what is depicted. Also two or more steps may be performed concurrently or with partial concurrence. Such variation will depend on the software and hardware systems chosen and on designer choice. All such variations are within the scope of the disclosure. Likewise, software implementations could be accomplished with standard programming techniques with rule based logic and other logic to accomplish the various connection steps, processing steps, comparison steps and decision steps. Additionally, even though the invention has been described with reference to specific exemplifying embodiments thereof, many different alterations, modifications and the like will become apparent for those skilled in the art. Variations to the disclosed embodiments can be understood and effected by the skilled addressee in practicing the claimed invention, from a study of the drawings, the disclosure, and the appended claims. Furthermore, in the claims, the word "comprising" does not exclude other elements or steps, and the indefinite article "a" or "an" does not exclude a plurality.

Claims

1 . A computer-implemented method for assurance of message integrity for a message transmitted within a network environment, the network environment comprising a first, a second and a third electronic device connected by a network connection, the method comprising the steps of:
- forming, at the first electronic device, the message;
- forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device;
- transmitting the message and the signature from the first electronic device to the second electronic device;
- verifying, at the second electronic device, the signature;
- transmitting the message and the signature from the second electronic device to the third electronic device; and
- verifying, at the third electronic device, the signature,
wherein a successful verification at the third electronic device assures message integrity.
2. The method according to claim 1 , wherein:
- the step of verifying, at the second electronic device, the signature is performed using the key shared between the first and the second electronic device, and
- the step of verifying, at the third electronic device, the signature, is performed using the key shared between the first and the third electronic device.
3. The method according to claim 1 , wherein the second electronic device is arranged to have access to the key shared between the first and the second electronic device, and the third electronic device is arranged to have access to the key shared between the first and the third electronic device.
4. The method according to any one of claims 2 and 3, further comprising the steps of:
- forming, at first electronic device, a plurality of functions (f-i , f2, ... , f4k) from a set of universal hash functions;
- providing a portion (fi , f2, ... , f2k) of the plurality of functions to the second electronic device; and
- providing a portion (f2k+i , f2k+2, ■■■ f k) of the plurality of functions to the third electronic device,
wherein the plurality of functions represents the key shared between the first and the second electronic device, and the third electronic device is arranged to have access to the key shared between the first and the third electronic device, respectively.
5. The method according to claim 4, wherein step of forming the signature is further based on the plurality of functions representing the keys shared between the first, second and third electronic device.
6. The method according to claim 5, wherein the step of verifying the signature at the second electronic device comprises verifying all of the portion of the plurality of functions representing the key shared between the first and the second electronic device.
7. The method according to any one of claims 4 - 6, wherein the plurality of functions representing the keys are provided to the second and the third electronic device, respectively, over a secure channel.
8. The method according to any one of claims 4 - 7, further comprising the steps of:
- selecting a subset of the portion (f-i , f2, ... , f2k) of the plurality of functions provided to the second electronic device;
- providing the set of functions to the third electronic device.
9. The method according to claim 8, wherein the set of functions is randomly selected.
10. The method according to claim 1 , wherein the key shared between the first and the second electronic device, and the key shared between the first and the third electronic device are provided by a further party comprised within the network environment.
11 The method according to claim 10, wherein the further party is a trusted third party.
12. The method according to any one of the preceding claims, wherein the first, second and third electronic device represent a predefined group of electronic device.
13. The method according to any one of the preceding claims, wherein the keys shared between first, second and third electronic device are unconditionally secured keys.
14. A communication system comprising a first, a second and a third electronic device connected by a network connection, wherein the
communication system is configured for assurance of message integrity for a message transmitted between the electronic devices by:
- forming, at the first electronic device, the message;
- forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device;
- transmitting the message and the signature from the first electronic device to the second electronic device;
- verifying, at the second electronic device, the signature;
- transmitting the message and the signature from the second electronic device to the third electronic device; and - verifying, at the third electronic device, the signature,
wherein a successful verification at the third electronic device assures message integrity.
15. The communication system according to claim 14, wherein:
- verifying, at the second electronic device, the signature is performed using the key shared between the first and the second electronic device, and
- verifying, at the third electronic device, the signature, is performed using the key shared between the first and the third electronic device.
16. The communication system according to claim 15, wherein at least one of the first, the second and the third electronic device is a client device. 17 A computer program product comprising a computer readable medium having stored thereon computer program means for a
communication system comprising a first, a second and a third electronic device connected by a network connection, wherein the communication system is configured for assurance of message integrity for a message transmitted between the electronic devices, wherein the computer program product comprises:
- code for forming, at the first electronic device, the message;
- code for forming, at the first electronic device, a signature based on the message, a key shared between the first and the second electronic device and a key shared between the first and the third electronic device;
- code for transmitting the message and the signature from the first electronic device to the second electronic device;
- code for verifying, at the second electronic device, the signature;
- code for transmitting the message and the signature from the second electronic device to the third electronic device; and
- code for verifying, at the third electronic device, the signature, wherein a successful verification at the third electronic device assures message integrity.
PCT/SE2017/050040 2016-02-01 2017-01-17 Method and system for assurance of message integrity WO2017135866A1 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
GB1601759.2 2016-02-01
GBGB1601759.2A GB201601759D0 (en) 2016-02-03 2016-02-03 Method and system for assurance of message integrity
SE1650355-9 2016-03-16
SE1650355A SE542333C2 (en) 2016-03-16 2016-03-16 Method and system for assurance of message integrity

Publications (1)

Publication Number Publication Date
WO2017135866A1 true WO2017135866A1 (en) 2017-08-10

Family

ID=59501646

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2017/050040 WO2017135866A1 (en) 2016-02-01 2017-01-17 Method and system for assurance of message integrity

Country Status (1)

Country Link
WO (1) WO2017135866A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113132091A (en) * 2019-12-31 2021-07-16 华为技术有限公司 Method for sharing equipment and electronic equipment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080144835A1 (en) * 2006-12-13 2008-06-19 Roy Suman S R Modeling a sensor network design to secure a network against attack

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080144835A1 (en) * 2006-12-13 2008-06-19 Roy Suman S R Modeling a sensor network design to secure a network against attack

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
HANAOKA, G. ET AL.: "Efficient unconditionally secure digital signatures", IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS, COMMUNICATIONS AND COMPUTER SCIENCES, vol. 87, no. 1, 2004, pages 120, XP001185966 *
M. RAMKUMAR ET AL.: "An efficient key predistribution scheme for ad hoc network security", IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, vol. 23, no. 3, March 2005 (2005-03-01), pages 611 - 621, XP011127639 *
M. RAMKUMAR: "An Efficient Broadcast Authentication Scheme for Ad Hoc Routing Protocols", IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, 2006, Istanbul, pages 2231 - 2236, XP031025396 *
SHAMIR, A.: "How to share a secret", COMMUNICATIONS OF THE ACM, vol. 22, no. 11, 1979, pages 612 - 613, XP058098024 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113132091A (en) * 2019-12-31 2021-07-16 华为技术有限公司 Method for sharing equipment and electronic equipment
CN113132091B (en) * 2019-12-31 2022-06-10 华为技术有限公司 Method for sharing equipment and electronic equipment

Similar Documents

Publication Publication Date Title
US20230231711A1 (en) Blockchain-implemented method and system
US9800411B1 (en) Using a secret generator in an elliptic curve cryptography (ECC) digital signature scheme
US9268968B2 (en) Credential validation
EP3681093B1 (en) Secure implicit certificate chaining
EP3831012B1 (en) Bidirectional blockchain
CN109714168A (en) Trusted remote method of proof, device and system
Saqib et al. A lightweight three factor authentication framework for IoT based critical applications
CN103733564A (en) Digital signatures with implicit certificate chains
Chow et al. Server-aided signatures verification secure against collusion attack
CN110912920A (en) Data processing method, apparatus and medium
CN112436938B (en) Digital signature generation method and device and server
US20170070348A1 (en) System and method of mixed multivariate digital signature
EP3779932A1 (en) Blockchain network and establishment method therefor
CN112380584A (en) Block chain data updating method and device, electronic equipment and storage medium
US11190345B2 (en) Email verification
CN116346328A (en) Digital signature method, system, equipment and computer readable storage medium
CN116566626A (en) Ring signature method and apparatus
WO2017135866A1 (en) Method and system for assurance of message integrity
CN117157938A (en) Agile password deployment service
CN114117388A (en) Device registration method, device registration apparatus, electronic device, and storage medium
SE542333C2 (en) Method and system for assurance of message integrity
Ashraf et al. Lightweight and authentic symmetric session key cryptosystem for client–server mobile communication
Ali et al. An authenticated group shared key mechanism based on a combiner for hash functions over the industrial internet of things
JP5001968B2 (en) Certificate authority setting device and certificate authority setting method for setting a certificate authority that guarantees the validity of the public key of each user in a social network
KR102375785B1 (en) Techniques for group signature

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17747867

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17747867

Country of ref document: EP

Kind code of ref document: A1