secure ad hoc networks - Isis Project No 2931
A new technology for bootstrapping secure networks that does not rely on pre-existing keys, a public key infrastructure or trusted third parties.
Maintaining privacy over computer networks is a difficult problem, which has been further complicated by the growing number of devices (laptops, mobile phones, PDAs, MP3 players) that can be used to transmit and receive data. Many current solutions to computer security rely on Public Key Infrastructure (PKI), where a trusted authority issues certificates to individual computers to validate their identity. Any secure communication between two or more machines is initiated by checking the validity of the certificates, which requires a communication link to the authority. With the advent of ubiquitous computing, a link to the authority is not always possible or convenient, so devices will typically communicate wirelessly and unencoded. There is a clear need for systems that enable secure communication between groups of devices where it is not possible or appropriate to validate the authenticity of the computers via a PKI.
The Oxford Invention
The Oxford invention is a class of protocols that enable secure communications between pairs or groups of people. Critically for ubiquitous applications, the Oxford protocols establish a key between the trusted parties without the requirement of any pre-existing security such as a PKI. Features of the protocols include:
- Immune to many security attacks (e.g. man-in-the-middle, combinatorial attacks)
- More flexible in a wide range of circumstances than a PKI
- Require less computing power than PKI-based solutions
The protocols can be used to ensure the privacy of confidential information transmitted between devices (e.g. telephone conversations, email) in ways that do not need to rely on or trust service providers. The protocols can also be used in highly secure environments (e.g. military, intelligence), either to create security where none exists (perhaps due to compromise or coalition operations) or to create specific security between parties in a wider network.
This technology is the subject of an international patent application, and Isis would like to talk to companies interested in developing the commercial opportunity that this represents. Please contact the Isis Project Manager to discuss this further.