Symmetric Key Authentication Services Revisited
نویسندگان
چکیده
Most of the symmetric key authentication schemes deployed today are based on principles introduced by Needham and Schroeder [14] more than twenty years ago. However, since then, the computing environment has evolved from a LAN-based client-server world to include new paradigms, including wide area networks, peer-to-peer networks, mobile ad-hoc networks and ubiquitous computing. Also, there are new threats, including viruses, worms and denial of service attacks. In this paper we review existing symmetric key authentication protocols in the light of these changes, and propose a authentication infrastructure design specifically tailored to address the latest developments in the distributed computing landscape. The key element in our design is placing the authentication server off-line, which greatly strengthens the security of its cryptographic material and shields it from denial of service attacks. Although the authentication server is not accessible on-line, our scheme can handle a dynamic client population, as well as critical issues such as re-issuing of keys and revocation.
منابع مشابه
Symmetric Key Authentication Services Revisited
Most of the symmetric key authentication schemes deployed today are based on principles introduced by Needham and Schroeder [17] more than twenty years ago. However, since then, the computing environment has evolved from a LAN-based client-server world to include new paradigms, including wide area networks, peer-to-peer networks, mobile ad-hoc networks and ubiquitous computing. Also, there are ...
متن کاملVAS-AKA: First Symmetric Batch Verification Protocol for Securely Deliver Value Added Services to Multiple Mobile Users
We introduce an efficient batch oriented authentication and key agreement (AKA) protocol named VAS-AKA to authenticate multiple requests sent from different mobile users simultaneously for value added services. The performance evaluation of VAS-AKA is presented in terms of communication and computation overhead, batch and re-batch verification delay. Using this protocol, the authentication serv...
متن کاملProcess algebraic modeling of authentication protocols for analysis of parallel multi-session executions
Many security protocols have the aim of authenticating one agent acting as initiator to another agent acting as responder and vice versa. Sometimes, the authentication fails because of executing several parallel sessions of a protocol, and because an agent may play both the initiator and responder role in parallel sessions. We take advantage of the notion of transition systems to specify authen...
متن کاملSymmetric-key Inter-domain end-to-end Authentication Protocols for Mobile System
Our goal is to propose and design a symmetric-key interdomain end-to-end authentication protocols for a mobile system. We will be considering three mobile service domains; each has an authentication server. We denote by AS1,AS2 and AS3 corresponding authentication servers. For simplicity, let AS1, AS2 ,AS3 represent those three domains. This mobile system can provide mobile communication servic...
متن کاملSecurity and Privacy Issues in Secure E-Mail Standards and Services
One of the most popular Internet services is e-mail services which provide sending and receiving electronic messages of communication networks. E-mail standards and services apply various cryptographic algorithms to achieve the security goals (Stallings, 2006; Stallings, 2007) of confidentiality, integrity, authentication and non-repudiation. Data confidentiality in e-mail services is commonly ...
متن کامل