| dc.contributor.author | Bowers, Kevin D. | |
| dc.contributor.author | Juels, Ari | |
| dc.contributor.author | Rivest, Ronald L. | |
| dc.contributor.author | Shen, Emily H. | |
| dc.date.accessioned | 2015-02-06T13:32:34Z | |
| dc.date.available | 2015-02-06T13:32:34Z | |
| dc.date.issued | 2013-04 | |
| dc.identifier.isbn | 978-1-4673-5946-7 | |
| dc.identifier.isbn | 978-1-4673-5944-3 | |
| dc.identifier.isbn | 978-1-4673-5945-0 | |
| dc.identifier.issn | 0743-166X | |
| dc.identifier.uri | http://hdl.handle.net/1721.1/93880 | |
| dc.description.abstract | We introduce Drifting Keys (DKs), a simple new approach to detecting device impersonation. DKs enable detection of complete compromise by an attacker of the device and its secret state, e.g., cryptographic keys. A DK evolves within a device randomly over time. Thus an attacker will create DKs that randomly diverge from those in the original, valid device over time, alerting a trusted verifier to the attack. DKs may be transmitted unidirectionally from a device, eliminating interaction between the device and verifier. Device emissions of DK values can be quite compact - even just a single bit - and DK evolution and emission require minimal computation. Thus DKs are well suited for highly constrained devices, such as sensors and hardware authentication tokens. We offer a formal adversarial model for DKs, and present a simple scheme that we prove essentially optimal (undominated) for a natural class of attack timelines. We explore application of this scheme to one-time passcode authentication tokens. Using the logs of a large enterprise, we experimentally study the effectiveness of DKs in detecting the compromise of such tokens. | en_US |
| dc.language.iso | en_US | |
| dc.publisher | Institute of Electrical and Electronics Engineers (IEEE) | en_US |
| dc.relation.isversionof | http://dx.doi.org/10.1109/INFCOM.2013.6566892 | en_US |
| dc.rights | Creative Commons Attribution-Noncommercial-Share Alike | en_US |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-sa/4.0/ | en_US |
| dc.source | Prof. Rivest via Chris Sherratt | en_US |
| dc.title | Drifting Keys: Impersonation detection for constrained devices | en_US |
| dc.type | Article | en_US |
| dc.identifier.citation | Bowers, Kevin D., Ari Juels, Ronald L. Rivest, and Emily Shen. “Drifting Keys: Impersonation Detection for Constrained Devices.” 2013 Proceedings IEEE INFOCOM (April 2013). | en_US |
| dc.contributor.department | Lincoln Laboratory | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | en_US |
| dc.contributor.approver | Rivest, Ronald L. | en_US |
| dc.contributor.mitauthor | Rivest, Ronald L. | en_US |
| dc.contributor.mitauthor | Shen, Emily H. | en_US |
| dc.relation.journal | Proceedings of the 2013 IEEE INFOCOM | en_US |
| dc.eprint.version | Author's final manuscript | en_US |
| dc.type.uri | http://purl.org/eprint/type/ConferencePaper | en_US |
| eprint.status | http://purl.org/eprint/status/NonPeerReviewed | en_US |
| dspace.orderedauthors | Bowers, Kevin D.; Juels, Ari; Rivest, Ronald L.; Shen, Emily | en_US |
| dc.identifier.orcid | https://orcid.org/0000-0002-7105-3690 | |
| mit.license | OPEN_ACCESS_POLICY | en_US |
| mit.metadata.status | Complete | |
