Secure Communication using Identity Based Encryption


Roschke, Sebastian and Ibraimi, Luan and Cheng, Feng and Meinel, Christoph (2010) Secure Communication using Identity Based Encryption. In: Communications and Multimedia Security - CMS 2010, 31 May - 2 June 2010, Linz, Austria. (In Press)

open access
Abstract:Secured communication has been widely deployed to guarantee confidentiality and
integrity of connections over untrusted networks, e.g., the Internet. Although
secure connections are designed to prevent attacks on the connection, they hide
attacks inside the channel from being analyzed by Intrusion Detection Systems
(IDS). Furthermore, secure connections require a certain key exchange at the
initialization phase, which is prone to Man-In-The-Middle (MITM) attacks. In this paper, we present a new method to secure connection which enables Intrusion Detection and overcomes the problem of MITM attacks. We propose to apply Identity Based Encryption (IBE) to secure a communication channel. The key escrow property of IBE is used to recover the decryption key, decrypt network traffic on the fly, and scan for malicious content. As the public key can be generated based on the identity of the connected server and its exchange is not necessary, MITM attacks are not easy to be carried out any more. A prototype of a modified TLS scheme is implemented and proved with a simple client-server application. Based on this prototype, a new IDS sensor is developed to be capable of identifying IBE encrypted secure traffic on the fly. A deployment architecture of the IBE sensor in a company network is proposed. Finally, we show the applicability by a practical experiment and some preliminary performance measurements.
Item Type:Conference or Workshop Item
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:
Organisation URL:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page