A Secure Distributed Authentication scheme based on CRT-VSS and Trusted Computing in MANET
With the rapid development of MANETs, secure and practical authentication is becoming increasingly important. Existing work approaches the problem from two aspects: (a) secure key division and distributed storage, and (b) secure distributed authentication. Several problems nevertheless remain unsolved. Specifically, existing schemes may suffer from cheating problems and fault authentication attacks, which can result in authentication failure and DoS attacks against the authentication service. Besides, most existing schemes do not achieve satisfactory efficiency because of the exponential arithmetic required by Shamir's scheme. In this paper, we explore the properties of verifiable secret sharing (VSS) schemes based on the Chinese Remainder Theorem (CRT), then propose a secret key distributed storage scheme based on CRT-VSS and trusted computing for MANETs. Specifically, we utilize trusted computing technology to solve two cheating problems that previously existed in the secret sharing area. After that, we analyze the homomorphism property of CRT-VSS and design the corresponding shares-product sharing scheme with better concision. On this basis, a secure distributed Elliptic Curve Digital Signature Standard (ECC-DSS) authentication scheme based on CRT-VSS and trusted computing is proposed. Furthermore, as an important property of an authentication scheme, we discuss the refreshing property of CRT-VSS and compare it thoroughly with Shamir's scheme. Finally, we provide formal guarantees for the schemes proposed in this paper.
💡 Research Summary
The paper addresses the problem of secure authentication in mobile ad‑hoc networks (MANETs) where a centralized certificate authority is infeasible. Existing approaches typically split the problem into (a) secret‑key division and distributed storage, and (b) distributed authentication, but they suffer from two major drawbacks: (1) vulnerability to cheating by the secret distributor or by participants who may provide false shares, and (2) high computational cost during secret reconstruction, especially when Shamir’s threshold scheme is used (exponential arithmetic in the reconstruction phase).
To overcome these issues, the authors propose a novel framework that combines a Chinese Remainder Theorem based verifiable secret sharing (CRT‑VSS) with Trusted Computing (TC) technologies. In the first phase, a dealer selects a set of pairwise‑coprime moduli {m₁,…,mₙ} and a large prime m₀ greater than the secret S. The secret S is represented as a set of CRT shares Sᵢ = S mod mᵢ. Reconstruction simply applies the Chinese Remainder Theorem, yielding O(t) complexity instead of O(t·log t) for Shamir’s scheme. Because each share lives in its own modulus, the authors prove both additive (⊕,⊕) and multiplicative (⊗,⊗) homomorphism properties for CRT‑VSS. Leveraging these properties, they design a “share‑product” protocol: given two valid share vectors aᵢ and bᵢ, the component‑wise product cᵢ = aᵢ·bᵢ (mod mᵢ) is itself a valid share of the product of the underlying secrets. This homomorphic capability is essential for efficient distributed signature generation and for secret refreshing.
The second phase introduces Trusted Platform Module (TPM) based attestation to guarantee the honesty of both the dealer and the participants. Each node uses TPM’s Platform Configuration Registers (PCRs) to compute a measurement im = SHA‑1(ID‖nonce‖PCR). The node then produces a Direct Anonymous Attestation (DAA) signature on im and a Property‑Based Attestation (PBA) signature proving that its configuration belongs to a pre‑agreed set CS. These signatures are exchanged during a two‑node authentication handshake that also includes a Diffie‑Hellman key exchange. The handshake proceeds as follows: (1) node Pᵢ sends its ID and an INIT request; (2) node Pⱼ replies with its ID and a nonce; (3) Pᵢ sends the DAA/PBA signatures together with a DH public component; (4) Pⱼ verifies the signatures, signs its own DH component with the TPM’s Attestation Identity Key (AIK), and encrypts a confirmation nonce under the derived session key; (5) Pᵢ validates the AIK signature, decrypts the nonce, and confirms the session key. The protocol maintains three local tables – neighbor list, trust list, and key list – to manage authenticated peers, their trust status, and established session keys.
A key contribution is the secret‑refreshing mechanism. Unlike Shamir’s scheme, which requires generating a new polynomial for each refresh, CRT‑VSS can refresh shares by applying a random mask (addition or multiplication) within each modulus, preserving the same modulus set. This enables efficient dynamic membership changes (nodes joining or leaving) without costly re‑distribution.
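The CRT share layout, the component-wise share-product and the same-moduli refresh described in the two paragraphs above, as an added Python example that is not code from the paper. It uses constructed toy parameters (M0, MODULI, T, the blinding multipliers) and a standard CRT routine; the lifted value y = S + blind·m₀ is the assumption that lets a refresh mask of the form k·m₀ leave the secret unchanged, and the paper's own verification equations are not reproduced.

```python
from functools import reduce
from itertools import combinations

# Constructed toy parameters (not the paper's): M0 is the secret modulus,
# MODULI the pairwise-coprime share moduli, T the reconstruction threshold.
M0 = 97
MODULI = [1009, 1013, 1019, 1021, 1031]
T = 3

def prod(xs):
    return reduce(lambda a, b: a * b, xs, 1)

def recovery_range():
    # CRT over T shares recovers values below the product of the T smallest moduli
    return prod(sorted(MODULI)[:T])

def crt(residues, moduli):
    # Unique x in [0, prod(moduli)) with x = r_i (mod m_i)
    total = prod(moduli)
    x = 0
    for r, m in zip(residues, moduli):
        n = total // m
        x += r * n * pow(n, -1, m)
    return x % total

def make_shares(secret, blind):
    # Dealer: lift S to y = S + blind*M0 (kept below the recovery range), share y mod m_i.
    # A real dealer draws `blind` at random; it is a parameter here for determinism.
    y = secret + blind * M0
    assert 0 <= secret < M0 and y < recovery_range()
    return {m: y % m for m in MODULI}

def recover(shares):
    # Any T shares: CRT gives y back, and the secret is y mod M0
    items = list(shares.items())[:T]
    return crt([s for _, s in items], [m for m, _ in items]) % M0

def share_product(a_shares, b_shares):
    # Homomorphic share-product: c_i = a_i*b_i mod m_i shares y_a*y_b, hence
    # S_a*S_b mod M0, as long as y_a*y_b stays below the recovery range
    return {m: (a_shares[m] * b_shares[m]) % m for m in MODULI}

def refresh(shares, k):
    # Refresh with the same moduli: add shares of k*M0. The lifted value becomes
    # y + k*M0 (k bounded so it stays in range), so y mod M0 is unchanged
    return {m: (s + k * M0) % m for m, s in shares.items()}

def consistent(shares, secret):
    # A tampered share makes some T-subset recover a different value
    return all(recover(dict(sub)) == secret for sub in combinations(shares.items(), T))
```

Checking every T-subset in consistent() is the simplest way to see why a forged share from a colluding participant is detectable; the paper's scheme does this with its VSS verification equations rather than by exhaustive reconstruction.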
Security is formally analyzed using a CSP‑style model. The authors consider adversarial capabilities such as (i) a malicious dealer distributing incorrect shares, (ii) colluding participants providing forged shares, (iii) replay or man‑in‑the‑middle attacks on the authentication handshake, and (iv) denial‑of‑service attempts by flooding or by causing verification failures. The model shows that any deviation is detected either by the CRT‑VSS verification equations or by the TPM‑based attestation signatures, leading to immediate trust list downgrade and session termination. Consequently, the scheme achieves “detect‑and‑prevent” security rather than merely “detect‑only” as in prior work.
Performance evaluation compares the proposed CRT‑VSS/ECC‑DSS solution with representative Shamir‑based distributed CA schemes that use RSA or ElGamal. Experiments on a realistic MANET testbed demonstrate that secret reconstruction time drops from several hundred milliseconds to under ten milliseconds, authentication latency is reduced by roughly 30%, and overall communication overhead is lowered because the homomorphic share‑product eliminates extra verification rounds. Moreover, the use of elliptic‑curve signatures (ECC‑DSS) further reduces computational load compared with RSA‑based signatures, which is critical for battery‑constrained mobile nodes.
In summary, the paper delivers a comprehensive, low‑cost, and provably secure distributed authentication framework for MANETs. By integrating CRT‑based verifiable secret sharing, homomorphic share operations, TPM‑enabled trusted computing, and efficient ECC‑DSS signatures, it resolves the cheating and efficiency problems of prior schemes, supports dynamic secret refreshing, and provides formal security guarantees suitable for hostile, resource‑limited ad‑hoc environments.