In recent years, there has been an increasing interest in dynamical group networks referred to as ad-hoc networks, which basically can form wherever two or more nodes using the same means to communicate are present. Every node in the network can act as a router forwarding packets for other nodes or there is only broadcast communication. Hence, ad hoc networks do not need a centralized control organ and can very quickly be formed, merged together and partitioned into separate networks on the fly, without relying on a fixed infrastructure. An advantageous feature of such networks is that comparatively small and simple devices can be used as nodes, including Personal Digital Assistants (PDA), laptops and cellular phones. Wireless communication is generally used to interconnect at least some devices, but the network may also include static and wired nodes.
Ad hoc networks can comprise Local Area Networks (LAN), such as workstations in the same building interconnected to share the resources of a server, as well as group networks managed by individual persons, commonly referred to as Personal Area Networks (PAN). A PAN is generally associated with a small coverage and consists of networked personal devices in close vicinity of the owner. Typical PAN nodes are PDAs, printers, personal computers, digital cameras, mobile phones and MP3 players, but the network may also include household appliances such as refrigerators and vacuum cleaners. Ad hoc communication in a PAN can use various technologies. The Bluetooth technology, for example, may often be an appropriate choice for wireless communication between mobile devices in a PAN.
Interconnecting personal devices into group networks leads to some obvious advantages. Nevertheless, it lies in the nature of such networks that they are very vulnerable to attacks by unauthorized intruders. A main reason for this is that the communication often uses radio frequencies and is therefore easy to eavesdrop on. Moreover, portable devices are naturally easier to steal. Finally, if countermeasures are not taken, the ad-hoc nature implies a high risk of a rogue device entering the network. The consequences may for instance be devastating if a malicious intruder is passed as a member of the group and allowed to send instructions to the other group members and get access to secret information stored therein. Well-functioning security solutions are hence crucial for group networks like PANs to become widely spread in the future. In particular, there is a need for secure mechanisms for excluding non-trusted group members, e.g. by revoking the privileges of stolen devices.
In a PAN, a normal everyday user is the manager of the group and user convenience is highly prioritized. A most desirable feature of PAN security mechanisms, such as mechanisms for user authentication and for revocation of group members, is therefore that they are user-friendly, preferably based on simple user passwords.
According to a well-known prior-art method for password-based authentication towards a device, the “hash value” of the password is stored in the device. When a password is input to the device, the corresponding hash value is determined. The device then compares this hash value with the locally stored value, which are to be identical if the input password is correct. Typically, the user immediately gets some kind of indication of whether the authentication succeeded.
The described method can be applied onto a group network, generally using one common password for all group members in order to achieve simple network management. However, this solution is associated with severe drawbacks, since anyone hacking a group member is able to retrieve the locally stored hash value and use it to guess and verify the correct password. Since passwords tend to be rather short, e.g. four digits/characters, it is often feasible to try all possible passwords in an automated attack. This illustrates a major problem of conventional password-based mechanisms, i.e. that the password generally can be “reverse-engineered” by means of the information stored in a stolen device.
Accordingly, the authentication mechanisms of conventional tele-communication systems are far from satisfactory and there is a considerable need for an improved procedure for password-based authentication of group members.