Context-Enhanced Authentication for Infrastructureless Network Environments

Ryan Wishart 1,⋆, Jadwiga Indulska 1,2, Marius Portmann 1,2, and Peter Sutton 1

1 School of Information Technology and Electrical Engineering, The University of Queensland, Brisbane, Australia
{wishart, jaga, marius, p.sutton}@itee.uq.edu.au
2 National ICT Australia ⋆⋆

Abstract. Infrastructureless networks are becoming more popular with the increased prevalence of wireless networking technology. A significant challenge faced by these infrastructureless networks is that of providing security. In this paper we examine the issue of authentication, a fundamental component of most security approaches, and show how it can be performed despite an absence of trusted infrastructure and limited or no existing trust relationship between network nodes. Our approach enables nodes to authenticate using a combination of contextual information, harvested from the environment, and traditional authentication factors (such as public key cryptography). Underlying our solution is a generic threshold signature scheme that enables distributed generation of digital certificates.

1 Introduction

Infrastructureless network environments, including both Mobile Ad hoc Networks (MANET) and many pervasive computing environments, have enjoyed increased attention of late. While the lack of fixed infrastructure in these networks makes them quick to deploy, it also presents a problem from a security perspective.

Within this paper we focus on one particular aspect of security, authentication, and provide a solution that overcomes many of the problems of the infrastructureless environment that have hampered previous approaches. These previous authentication approaches have typically assumed that the network is a region under the control of a centralised authority.
This centralised authority shares secret knowledge with all of the nodes that are permitted entry to the network, and can use that knowledge to authenticate the nodes. This secret knowledge may

⋆ The work reported in this paper has been funded in part by the Co-operative Research Centre for Enterprise Distributed Systems Technology (DSTC) through the Australian Federal Government’s CRC Programme (Department of Industry, Science & Resources).
⋆⋆ National ICT Australia is funded by the Australian Government’s Backing Australia’s Ability initiative, in part through the Australian Research Council.

J. Ma et al. (Eds.): UIC 2006, LNCS 4159, pp. 924–935, 2006. © Springer-Verlag Berlin Heidelberg 2006