Design Principles and Security of Authentication Protocols with Trusted Third Party
نویسندگان
چکیده
Two-way identity authentication is the basis of secure communication in a distributed application environment. A trusted third party (TTP) is needed while PKI is not applicable, and the design of authentication protocols with TTP is a complicate and challenging task. This paper examines the characteristics of the security of authentication protocols with TTP, summarizes the essential factors of session key and illustrates the potential attacks while these essential factors are not well considered. It also proposes some design principles and a model of authentication protocol with TTP.
منابع مشابه
The Missing Link: Human Interactive Security Protocols in Mobile Payment
A new family of protocols, based on communication over human-based side channels, permit secure pairing or group formation in ways that no party has to prove its name. These protocols are particularly suitable for authentication on mobile phones where PKI or trusted third party solutions are not practical to cover all scenarios. Rather, individuals are able to hook up devices in their possessio...
متن کاملDesign and implementation of a secure wide-area object middleware
Wide-area service replication is becoming increasingly common, with the emergence of new operational models such as content delivery networks and computational grids. This paper describes the security architecture for Globe, an objectbased middleware specifically designed to support dynamic replication of services over wide-area networks. Replication introduces a series of new security issues, ...
متن کاملOn the Use of Key Assignment Schemes in Authentication Protocols
Key Assignment Schemes (KASs) have been extensively studied in the context of cryptographicallyenforced access control, where derived keys are used to decrypt protected resources. In this paper, we explore the use of KASs in entity authentication protocols, where we use derived keys to encrypt challenges. This novel use of KASs permits the efficient authentication of an entity in accordance wit...
متن کاملSecured Communication Protocol via Encrypted Key Ensuring Message Integrity
The Secured communication protocol via encrypted key ensuring message integrity combination of Authentication of Third Party Authentication Quantum Key Distribute Protocol (implicit) and Third Party Authentication Quantum Key Distribute Protocol Mutual Authentication (explicit) quantum cryptography is used to provide authenticated secure communication between sender and Receiver. In quantum cry...
متن کاملA Browser-Based Kerberos Authentication Scheme
When two players wish to share a security token (e.g., for the purpose of authentication and accounting), they call a trusted third party. This idea is the essence of Kerberos protocols, which are widely deployed in a large scale of computer networks. Browser-based Kerberos protocols are the derivates with the exception that the Kerberos client application is a commodity Web browser. Whereas th...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006