Kerberos Plus RSA for World Wide Web Security
نویسنده
چکیده
We show how to use Kerberos to enable its clients to interact securely with non-Kerberized World Wide Web servers. That is, our protocol does not require that the Web server be a member of a Kerberos realm, and also does not rely on time-synchronization between the participants. In our protocol, the Kerberos client uses the Web server's public-key certi cate to gain cryptographic credentials that conform to public-key authentication standards, and to SHTTP. The client does not perform any publickey encryptions. Further, the client is well-protected from a man-in-the-middle attack that weakens SSL. Our protocol conforms to the current speci cations for the Kerberos protocol and for the Secure Hypertext Transfer Protocol.
منابع مشابه
Key management in a non-trusted distributed environment
Despite the fact that the World Wide Web is an untrusted environment, increasing use is being made of this network (the Internet) in electronic commerce applications. To prevent attacks a strong security architecture is required. A fundamental part of such an architecture is a method for key management. This paper discusses the various components of cryptographic key management especially in re...
متن کاملChrg-http: A Tool for Micropayments on the World Wide Web
Chrg-http is a simple and secure protocol for electronic payments over the Internet, especially in an intranet environment. It is designed to support those micropayments (or more speciic, electronic publishing), which have costs ranging from pennies to a few dollars. A widely used secure system Kerberos V5 has been incorporated into the http protocol. The security and authentication of a transa...
متن کاملIMPROVING THE SECURITY PERFORMANCE IN COMPUTER GRIDS Architecture and Results
Security in computational Grids is mainly based on Grid Security Infrastructure (GSI) for authentication and Virtual Organization Membership Service for authorization. Although these mechanisms provide the required level of security, they lack in performance due to their dependence on public key cryptography. In our proposed security architecture we use a Kerberos-based approach (symmetric cryp...
متن کاملA Real-World Analysis of Kerberos Password Security
Kerberos is a distributed authentication system that many organizations use to handle domain-wide password security. Although it has been known for quite some time that Kerberos is vulnerable to brute-force password searches, there has so far been little analysis of the scope and extent of this vulnerability. This paper discusses the nature of this weakness in detail and attempts to quantify th...
متن کاملSecure Negotiation Approach for Share-Secret-Key of Kerberos Service
The generation and distribution of the shared secret-key in Kerberos protocol are a security infrastructure. In order to enhance the security of distributed applications based on Kerberos protocol, a scheme of the shared secret-key negotiation was put forward. The shared secret-key could be generated and distributed by the Diffie-Hellman algorithm. Negotiation parameters of communicating partie...
متن کامل