Paul C. Brutch
Department of Computer Science
Texas A&M University
College Station, Texas 77843-3112, U.S.A.
In any distributed networked environment, security systems for network access and communication are necessary to allow legitimate hosts on the network to access network services while denying access to non-registered hosts. Ideally, such systems should ensure both confidentiality and integrity of messages exchanged over the network. In this paper, we will discuss the deficiencies in the registration and authentication services provided by Global System for Mobile Communication (GSM), Cellular Digital Packet Data (CDPD), and IS-41. Next, we will present the design of the Mutual Authentication, Confidentiality, and Key MANagement (MACKMAN) system, which provides a more secure registration and authentication service for mobile computing and wireless communication. The capabilities provided by MACKMAN include registration of legitimate hosts with the network, mutual authentication, and data confidentiality and integrity in a mobile and wireless environment. Data confidentiality and integrity are provided by using the public key Elliptic Curve RSA (ECRSA) cryptosystem in conjunction with a hierarchy of certification authorities for key distribution and management.