A New Security Architecture for Personal Networks

The concept of personal networks is very user- centric and representative for the next generation networks. However, the present security mechanism is not considering at all what happens whenever a mobile node (device) is compromised, lost or stolen. This kinds of leakage of stored secrets has been a great danger in the field of communication security since it sometimes leads to the complete breakdown of the intended security level. In order to solve the problem, we propose a 3- way Leakage-Resilient and Forward-Secure Authenticated Key Exchange (3LRFS-AKE) protocol and its security architecture for personal networks. The 3LRFS-AKE protocol guarantees not only forward secrecy of the shared key between device and its server but also a new additional layer of security against leakage of stored secrets. The security architecture includes two different types of communications: PN wide communication and communication between P-PANs of two different users. In this paper, we propose a new LR-AKE protocol, called 3-way Leakage-Resilient and Forward-Secure Authenticated Key Exchange (3LRFS-AKE), suitable for personal networks. We also present how the 3LRFS-AKE protocol works in a security architecture in order to solve the issues of both key management and leakage of stored secrets from devices with- out jeopardizing several security properties the original LR- AKE protocol holds. Note that the previous LR-AKE protocols cannot be applied directly since additional key management system is needed for personal networks. This paper is organized as follows. Section II provides overview of PN/PAN/P-PAN and a brief description of the imprinting procedure. Section III and IV is devoted to proposal of a new LR-AKE protocol suitable for personal networks and its security architecture, respectively. We briefly discuss about security and efficiency of the proposed security architecture in Section V and VI. Some concluding remarks and future works are given in Section VII.