Memory-assisted measurement-device-independent quantum key distribution (MA-MDI-QKD) aims to improve the rateversus-distance behavior of QKD systems by using the existing technologies [1]. While quantum repeater systems, as the ultimate solution to long-distance quantum communications, are still too challenging to be implemented, MA-MDIQKD presents a feasible middle step toward the realization ...

This memo documents a method for a Kerberos Key Distribution Center (KDC) to respond to client requests for Kerberos tickets when the client does not have detailed configuration information on the realms of users or services. The KDC will handle requests for principals in other realms by returning either a referral error or a cross-realm Ticket-Granting Ticket (TGT) to another realm on the refe...

Authenticated session key establishment is a central issue in network security. This paper addresses a question on whether we can design a compact, efficient and authenticated key establishment protocol that has the following two properties: (1) each message exchanged between two participants can be transferred in a short packet such as an ATM cell whose payload has only 384 bits, and (2) messa...

A prerequisite for secure communication between two nodes in an ad hoc network is that the nodes share a key to bootstrap their trust relationship. In this paper, we present a scalable and distributed protocol that enables two nodes to establish a pairwise shared key on the fly, without requiring the use of any on-line key distribution center. The design of our protocol is based on a novel comb...

The proliferation and growth of modern computer networks have made network management infrastructures an integral part of the administration process. Nevertheless, most of these do not have the notion of security assimilated by design. Thus, existing network equipment cannot be managed securely without additional hardware or software security modules. This paper discusses a simple, yet robust, ...

An identity-based non-interactive public key distribution system is presented that is based on a novel trapdoor one-way function allowing a trusted authority to compute the discrete logarithms modulo a publicly known composite number m while this is infeasible for an adversary not knowing the factorization of m. Without interaction with a key distribution center or with the recipient of a given...

Many existing authentication protocols supporting inter-domain authentication on the Internet require their clients to communicate with every involved key distribution center (KDC) directly. This is inefficient and costly when the client side is a wireless mobile unit, for wireless transmission has relatively lower bandwidth, and a mobile unit is battery powered. In this paper, we present a mob...