Secure Wireless Distribution of Cryptographic Keys
Small Business Information
6 New England Executive Park, Burlington, MA, 01803
Abstract
The goal of this SBIR is to develop a capability to securely transmit cryptographic keys over wireless networking environments. The utilization of affordable commercial wireless technologies is a potential solution for automating the key distribution process to forward-deployed military units. As security properties in commercial wireless technologies may be weak, new solutions are needed that provide strong authentication and strong encryption. Transmission of sensitive in-theater data requires that all transmitters/receivers possess cryptographic devices. Increasing use of wireless technologies greatly increases the number of devices, and places unrealistic management and distribution requirements on the site generating the keys. Additionally, as security breaches are detected, it is paramount that new cryptographic keys be rapidly transmitted to the remaining trusted wireless participants. New approaches that delegate the decision-making process for key distribution are required for a scalable solution. Our approach is to add wireless interfaces to programmable Data Transfer Devices and to develop a scalable key management algorithm, based on the Subset Difference algorithm [NNL01], that provides administratively scoped domains to localize key revocation decisions. The technology developed under this SBIR is anticipated to have broad application, permitting DoD and commercial vendors to utilize wireless communications technologies to securely distribute keys. The proliferation of affordable wireless devices is permitting individuals to connect to the Internet anywhere, anytime. New methods of securing sensitive information transmitted on these links must be developed due to the lack or absence of strong security in commercially available wireless networking components.
The research developed as part of this SBIR will provide a capability to securely distribute cryptographic keys to wireless users in a timely fashion, thus minimizing the release of sensitive information.
* Information listed above is at the time of submission.