A compendium on TAKS (Topology Authenticated Key Scheme) and its extension to elliptic curve cryptography ECTAKS (Elliptic Curve based Topology Authenticated Key Scheme) can be found here.

ECTAKS is an hybrid cryptographic key establishment protocol to setup cluster-wise (multicast or point-to-multipoint) and pair-wise (unicast or point-to-point) secure links based on Elliptic Curve Cryptography (ECC). Security functions include confidentiality (data encryption / decryption), data integrity, sender authentication (signature) as well as topology authentication. 

ECTAKS is the topological variant of the ephemeral ECC-based Diffie-Helmann (ECDH) cryptographic scheme with the objective to protect mission-critical networks, such as WSN, VANET and intra-vehicular networks, from specific attacks to their topological integrity, therefore routing, device identity, infrastructure integrity, and whatever attack finalized to alter network topology, e.g. by inserting malicious devices.

Main novelties with ECTAKS are: 

  • pre-distribution of partial key components: generated shared secret results as function of the key components assigned to the other nodes involved in the legitimate communication session. Key components assigned to each node in the networks are: a Local Key Component (LKC), a Transmitted Key Component (TKC) and a set of Topology Vector Components (TVC). The set of this security material assigned to a node defines the Local Configuration Data (LCD) for that node and is represented by the 3-pla (LKC, TKC, {TVC}).
  • vector spaces over GF(): truly clusterwise communication sessions in TAKSx (no just setting up multiple pairwise sessions) are enabled: from a mathematical point of view, vectors over GF() allow to generate the same TAK in a cluster from CH to cluster members, i.e a truly clusterwise or multicast session, not merely as the result from the aggregation of multiple unicast links.
  • truly scalable clusterwise sessions: as any new party joining an already established clusterwise session DOES NOT imply added information exchange among the participating parties but suddenly join the clusterwise session. From an engineering point of view, truly multicast sessions are mandatory for clustered networks to avoid: loss of synchronization in multicast transmissions: several unicast communications should be executed in sequence, storage of multiple keys
  • shared secrets depend on both sender and receiver identity and topology.


Main ECTAKS benefits:
- robustness respect to attacks against network topology.
- flexibility respect to communication patterns.
- scalability respect to multicast link setup.

ECTAKS is the ECC-based TAKS rel. 2.1, the evolved version from the early TAKS originally introduced in my Ph.D. dissertation [ref. 24]

A synthetic release map for TAKS follows: 

TAKS rel. 1 [ref. 23]: TAK components (LKC, TKC) are introduced, only pairwise links, Local / Transmitted Key Components (LKC/TKC) used for TAK generation, Topology Vector (TV) used for sender authentication, LKC and TKC are generated from TAK "primitives" over GF(p), p prime, Vector space over GF(p) dim. 3, TAKS equations are introduced, Key Establishment Protocol is 2-phase.

TAKS rel. 1.1 (ECTAKS rel. 1) [ref. 30]: ECC extension to Vector space over GF(p) dim. 3 and ECTAKS equations are introduced.

TAKS rel. 2 [ref. 31, 32]: Security proof (necessary condition) based on DL (Discrete Logarithm) Problem, extended Galois fields included, TAK equations revised, TAK components definition revised, clusterwise links added, key establishment protocol reduced to 1-phase (ephemeral key transmission).

TAKS rel. 2.1 [ref. 39, 40]: vector space over GF() reduced.

TAKS rel. 3 (ECTAKS rel. 2) [ref. 41, Civino et al.]: new ECTAK components are defined: Local Private Key Component = LKC, Transmitted Private Key Component = TKC, Topology Public Key Component = TV∙G, where G is the EC generator, new ECTAKS equations are introduced, standard ECIES and ECDSA are integrated for ciphering and signature with ECTAKS, proof of the equivalence between ECTAKS Problem and ECDL Problem, therefore ECTAKS results compliant to IEEE standard requirements for WSN and VANET security: ECTAKS can be employed in industrial applications.

TAKS rel. 2.1 has been implemented in SEAMLESS Project (SEcure plAtform for multi-hop wireLess sEnSor Networks, PNRM a2014.118, June 2016 - May 2018) co-funded by Italian MoD. TAKS rel. 2.1 has been into operations in H2020-ECSEL-2017-RIA AFarCloud (Aggregate Farming in the Cloud, September 2018 - 2021).

ECTAKS rel. 2 is included among the strategic deliverables from MiSE-EMERGE Project (Light Commercial Vehicles & Emerging Technologies for "every day" and "emergency aid" operations, January 2020 - 2023). Lead partner is the Radiolabs Consortium in partnership with Leonardo, Telespazio, Elital the University of L'Aquila, and in collaborations with FCA-CRF (Fiat Chrysler Automobiles N.V. - Centro Ricerche Fiat), IAM (Innovazione Automotive Metalmeccanica), ESA (European Space Agency), GSA (European GNSS Agency) and ASI (Agenzia Spaziale Italiana). The EMERGE project between the Ministry of Economic Development, the Abruzzo Region, the Radiolabs Consortium, Elital, Leonardo, Telespazio and the University of L'Aquila, is part of the connected evolution of commercial vehicles, cataloged at european level as one of the four priorities listed in the EUCAR - European Council for Automotive R&D program.


Crea il tuo sito web gratis! Questo sito è stato creato con Webnode. Crea il tuo sito gratuito oggi stesso! Inizia