Distributed authentication in Kerberos using public key cryptography
- 22 November 2002
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
In this work we describe a method for fully distributed authentication using public key cryptography within the Kerberos ticket framework. By distributing most of the authentication workload away from the trusted intermediary and to the communicating parties, significant enhancements to security and scalability can be achieved as compared to Kerberos V5. Privacy of Kerberos clients is also enhanced. A working implementation of this extended protocol has been developed, and a migration plan is proposed for a transition from traditional to public key based Kerberos.Keywords
This publication has 6 references indexed in Scilit:
- Proxy-based authorization and accounting for distributed systemsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- An interface specification language for automatically analyzing cryptographic protocolsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- NetBill: An Internet commerce system optimized for network delivered servicesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Kerberos: an authentication service for computer networksIEEE Communications Magazine, 1994
- The Kerberos Network Authentication Service (V5)Published by RFC Editor ,1993
- Timestamps in key distribution protocolsCommunications of the ACM, 1981