Message size: choose appropriate cryptographic algorithms, use compression Number of messages: e.g., use derived keys
large groups: increased exposure of group key network may still page using IMSIs; may also ask for IMSI
example: mom-and-pop outfits offering wireless Internet connectivity the potnetial needs may be relevant even in cellular networks (e.g., as evidenced by the changes from GSM to 3G); but in the Internet they are likely to be more urgent.
usualy this exchange results in session keys being distributed; but for non-repudiability, some sort of certificate needs to be distributed
shared key: two approaches group key as in 3G: exposure individual key: cannot send a key ID -> impractical
Derive session keys as functions of long term keys plus transient information user can compute the session key unilaterally
Security Issues in Mobile Communication Systems N. Asokan Nokia Research Center IAB workshop on wireless internetworking February 29 - March 2, 2000
Reducing number of messages K UV User Visited domain Home domain Initial shared key K UH auth UH , ... K UV K UV K UV auth UV , ... User Visited domain Home domain Initial shared key K UH auth UH, auth UV , ... auth UH , ... K UV K UV K UV f (K UH , V, …) K UV f (K UH , V, …) auth UH , ...