Pseudonym-based cryptography for anonymous communications in mobile ad hoc networks

Key management for anonymous communication in mobile ad hoc networks is a critical but unsolved problem. Many current anonymous mobile ad hoc routing protocols assume that mobile users share pairwise secrets before they start an anonymous communication session. This assumption is impractical for many ad hoc scenarios where pairwise shared keys are difficult to be set up in advance. Public-key based solution, such as identity-based cryptographic solutions have been proposed for anonymous communications. However, these approaches assume that a centralised Trust Authority (TA) is in charge of the private key generation. Thus, the anonymous communications are not anonymous to the TA. To solve the above mentioned problems, we present pairing-based encryption/decryption, key exchange, blind certificate and revocation solutions for anonymous communications. Our approach provides the following properties compared to traditional approaches: (1) an Anonymous User’s (AU’s) identity (i.e. a pseudonym) can be used as his/her public key (i.e. the same as traditional identity-based solution); however, each AU can self-derive his/her private key based on a set of publicly known system parameters and his/her chosen pseudonym (this is different from the traditional identity-based solution); (2) a pair of AUs can derive a shared key based on each other’s pseudonym without using interactive key exchanging protocols; (3) an AU can self-choose his/her pseudonym that can be blindly signed by a certificate authority and only the pseudonyms with a verifiable certificate are authorised to participate in the anonymous communications (the certificate can be verified by using a set of publicly known system parameters) and (4) the certificate authority is able to revoke AUs’ pseudonym. Due to these properties, our approach reduces key management overhead and is suitable for large-scale and ad hoc anonymous services.