Showing papers by "Gene Tsudik published in 1993"
TL;DR: Key concepts and protocols developed as part of the interdomain policy routing (IDPR) architecture are summarized and emphasis is placed on the route installation and packet forwarding mechanisms because they are critical to protocol performance and differ significantly from current practice in datagram wide area networks.
Abstract: Internetworks that are global in scale, contain multiple administrative domains, and support a range of services present special requirements for routing. Multiple administrative domains introduce the need for policy-sensitive routing. Service heterogeneity intensifies the requirement for type of service (TOS) routing, as well as other protocol support for handling a range of services, from datagrams to multimedia streams. Key concepts and protocols developed as part of the interdomain policy routing (IDPR) architecture are summarized. Emphasis is placed on the route installation and packet forwarding mechanisms because they are critical to protocol performance and differ significantly from current practice in datagram wide area networks. >
29 citations
24 May 1993
TL;DR: The authors describe a novel authentication method whereby the fixed relationship between the user and the device is avoided and the card is impersonal, it can be freely shared by several users, and the high cost of administration is eliminated.
Abstract: The authors describe a novel authentication method whereby the fixed relationship between the user and the device is avoided. They present a method whereby the authentication device, which is a token card, is used solely to provide a secure channel between a human user and an authentication server. Since the communication channel is secured by the card, the user can still utilize weak secrets such as passwords and personal identification numbers for authentication purposes, but, without any risk of exposure. Furthermore, the card's and the user's secrets are mutually independent, i.e., the card is impersonal, it can be freely shared by several users. This eliminates the high cost of administration which is typical of existing designs requiring fixed user-device relationship. The method does not require any coupling between the token card and the workstation, which would be difficult to implement on a global scale and retrofit onto existing equipment. >
28 citations
IBM1
TL;DR: Two ways to accomplish EKE augmented so that hosts do not store cleartext passwords are shown, one using digital signatures and one that relies on a family of commutative one-way functions.
Abstract: The encrypted key exchange (EKE) protocol is augmented so that hosts do not store cleartext passwords. Consequently, adversaries who obtain the one-way encrypted password file may (i) successfully mimic (spoof) the host to the user, and (ii) mount dictionary attacks against the encrypted passwords, but cannot mimic the user to the host. Moreover, the important security properties of EKE are preserved—an active network attacker obtains insufficient information to mount dictionary attacks. Two ways to accomplish this are shown, one using digital signatures and one that relies on a family of commutative one-way functions.
26 citations
IBM1
TL;DR: Several issues concerning the proposed solution are discussed here, and modifications that remove some of the constraints and result in simpler and more efficient protocols are suggested.
Abstract: Authentication and key distribution protocols that utilize weak secrets (such as passwords and personal identification numbers) are traditionally susceptible to guessing attacks whereby an adversary iterates through a relatively small key space and verifies the correct guess. Such attacks can be defeated by the use of public key encryption and careful protocol construction. T. Lomas et al. (Proc. of ACM Symp. on Operating Syst. Principles, 1989) investigated this topic and developed a methodology for avoiding guessing attacks while incurring only moderate overhead. Several issues concerning the proposed solution are discussed here, and modifications that remove some of the constraints (such as synchronized time and state retention by the server) and result in simpler and more efficient protocols are suggested. >
24 citations
01 Jan 1993
TL;DR: This paper summarizes the key concepts and protocols of policy-sensitive routing as part of the Interdomain Policy Routing (IDPR) archi- tecture and places particular emphasis on the route installation and packet forwarding mechanisms because they are critical to protocol performance and differ significantly from current practice in datagram wide area networks.
Abstract: Internetworks that are global in scale, contain mul- tiple administrative domains, and support a range of services present special requirements for routing. Multiple administrative domains introduce the need for policy-sensitive routing. Service heterogeneity intensifies the requirement for type of service (TOS) routing, as well as other protocol support for handling a range of services, from datagrams to multimedia streams. This paper summarizes the key concepts and protocols devel- oped as part of the Interdomain Policy Routing (IDPR) archi- tecture. We place particular emphasis on the route installation and packet forwarding mechanisms because they are critical to protocol performance and differ significantly from current practice in datagram wide area networks.
1 citations
Patent•
27 Jul 1993
TL;DR: In this article, a procedure and system for assurant a distribution securisee and authentifiee of cles cryptographiques dans un syteme de communication, and ayant des proprietes tres semblables a celles d'un protocole d'authentification a deux correspondants.
Abstract: Procede et systeme assurant une distribution securisee et authentifiee de cles cryptographiques dans un syteme de communication, et ayant des proprietes tres semblables a celles d'un protocole d'authentification a deux correspondants. Un serveur fait parvenir une nouvelle cle de groupe a un groupe choisi d'utilisateurs du systeme. Une structure tressee de messages emis par le serveur en direction de chaque utilisateur permet d'assurer l'authentification et, simultanement, une distribution securisee et confidentielle des cles. Par ailleurs, la structure tressee permet la construction de messages de protocole de longueur minimisee.