Misplaced Trust: Kerberos 4 Session Keys
نویسندگان
چکیده
Eugene H. Spafford COAST Laboratory Department of Computer Sciences Purdue University West Lafayette, IN 47907-1398 [email protected]
منابع مشابه
Mechanising BAN Kerberos by the Inductive Method
The version of Kerberos presented by Burrows et al. [5] is fully mechanised using the Inductive Method. Two models are presented, allowing respectively the leak of any session keys, and of expired session keys. Thanks to timestamping, the protocol provides the involved parties with strong guarantees in a realistically hostile environment. These guarantees are supported by the generic theorem pr...
متن کاملKerberos Assisted Authentication in Mobile Ad-hoc Networks
An ad-hoc network comprises mobile nodes that cooperate with each other using wireless connections to route both data and control packets within the network. As the low transmission power of each node limits its communication range, the nodes must assist and trust each other in forwarding packets from one node to another. However, this implied trust relationship can be threatened by malicious n...
متن کاملKerberos Version IV: Inductive Analysis of the Secrecy Goals
An operational model of crypto-protocols is tailored to the detailed analysis of the secrecy goals accomplished by Kerberos Version IV. The model is faithful to the specification of the protocol presented by the MIT technical plan [14] — e.g. timestamping, double session key delivery mechanism are included. It allows an eavesdropper to exploit the shared keys of compromised agents, and admits t...
متن کاملKerberos Version 4: Inductive Analysis of the Secrecy Goals
An operational model of crypto-protocols is tailored to the detailed analysis of the secrecy goals accomplished by Kerberos Version IV. The model is faithful to the speciication of the protocol presented by the MIT technical plan 14] | e.g. timestamping, double session key delivery mechanism are included. It allows an eavesdropper to exploit the shared keys of compromised agents, and admits the...
متن کاملFlexible Session Management in a Distributed Environment
Many secure communication libraries used by distributed systems, such as SSL, TLS, and Kerberos, fail to make a clear distinction between the authentication, session, and communication layers. In this paper we introduce CEDAR, the secure communication library used by the Condor High Throughput Computing software, and present the advantages to a distributed computing system resulting from CEDAR’...
متن کامل