Increasing Availability and Security of an Authentication Service

Authentication is a process by which one satisses another about one's claim of identity. Typically an authentication server provides the authentication service via an authentication protocol. The authentication service is a security bottleneck in that its compromise can lead to the compromise of the whole system. The service is also a performance bottleneck because many activities cannot proceed unless the identities of concerned parties can be satisfactorily established. Therefore, a desirable authentication service should be both highly secure and highly available. We propose a general solution by replicating the authentication server such that a minority of malicious and colluding servers cannot compromise security or disrupt service. We discuss some unusual features of such a distributed authentication service, including the trade-oo between availability and security. A distributed service is also useful when clients cannot identify or agree upon trusted servers prior to authentication. For example, in some cooperative or federated systems, clients simply cannot all trust the same set of servers.