Using encryption for authentication in large networks of computers
read more
Citations
Handbook of Applied Cryptography
On the security of public key protocols
Security Architecture for the Internet Protocol
A logic of authentication
Pervasive computing: vision and challenges
References
A method for obtaining digital signatures and public-key cryptosystems
Multiuser cryptographic techniques
Encryption-based protection for interactive user/computer communication
Encryption-based protection protocols for interactive user-computer communication over physically unsecured channels.
Related Papers (5)
Frequently Asked Questions (11)
Q2. What is the main database of an authentication server?
Since the main database of an authentication server is indexed by name, the management of authentication servers is related to the management of names.
Q3. What is the requirement of some protocols that the encryption be done elsewhere?
It is a requirement of some of their protocols that the encryption be done elsewhere, because it is necessary to prepare an encrypted message without actually sending it yet or to receive an encrypted message without knowing at the network interface what the key is.
Q4. What is the way to secure mail?
On the other hand, two-way authentication of sender and receiver is as desirable for mail as it is for interactive communication.
Q5. What is the importance of the reciprocity between the public and secret keys?
Observe that, because public keys are not secret, double encryption, i.e. ({message)Sra) eKn, or some equivalent is required during the course of the ensuing interaction.
Q6. What is the key to a secure communication between A and B?
The essential step in setting up secure communication between A and B is for the initiator, say A, to generate a message with two properties: (a) It must be comprehensible only to B, i.e. allow only B to use its contents to identify himself to A. (b)
Q7. who is indebted to a number of people who have read drafts of this?
The authors are indebted to a number of people who have read drafts of this paper and made careful and helpful comments, notably: Peter Denning, Stockton Gaines, Jim Gray, Steve Kent, Gerry Popek, Ron Rivest, Jerry Saltzer, and Robin Walker.
Q8. What is the easiest way to approach ASB?
In the public-key ease, since no secret keys are moved around, it is possible for A to approach ASB directly ifA knows that server's public key.
Q9. What are the examples of protocols for decentralized authentication in computer networks?
Example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Q10. What is the reason why the public-key authentication server is not a good choice?
In practice, however, the authors suspect that the implementation of authentication servers would not differ as much as the authors have indicated, for reasons such as the need to prevent corruption of the public-key authentication server's data, which could prevent communication even though it will not lead to faulty authentication.
Q11. What is the advantage of a public-key authentication server?
The intrinsic security requirements of a public-key authentication server are easier to meet than those of a conventional one, but a complete evaluation of the system problems in implementing such a server in a real system, and the need to retain a secure record of old public keys to guarantee future correct arbitration of old signatures may minimize this advantage.