Scalability and flexibility in authentication services: the KryptoKnight approach

This paper studies the issues of flexibility and scalability in the context of network security. In particular, it concentrates on authentication and key distribution services suited for a variety of communication paradigms, network environments, and end-devices. We present the design criteria, specification, and step-by-step construction of authentication and key distribution services based on experience in the KryptoKnight project. The central goal of the KryptoKnight project was the construction of basic network security functions in a minimal, flexible (thus, versatile) and scalable manner. Protocol minimality (in terms of resource usage) and flexibility are not merely theoretical goals; they have clear advantages in environments where computational resources are limited and connectivity is restricted. KryptoKnight was aimed at such environments: small and anemic wireless devices, simple network and data-link entities, embedded micro-devices and other special-purpose communication equipment and configurations. Furthermore, scalability of protocols makes their deployment possible in the presence of rapid network growth and inter-domain communication.

[1]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[2]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[3]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[4]  Thomas A. Berson,et al.  A key distribution protocol using event markers , 1983, TOCS.

[5]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[6]  Ralph Howard,et al.  Data encryption standard , 1987 .

[7]  Roger M. Needham,et al.  Authentication revisited , 1987, OPSR.

[8]  Owen Rees,et al.  Efficient and timely mutual authentication , 1987, OPSR.

[9]  B. Clifford Neuman,et al.  Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.

[10]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[11]  L. Gong,et al.  Using one-way functions for authentication , 1989, CCRV.

[12]  John Rompel,et al.  One-way functions are necessary and sufficient for secure signatures , 1990, STOC '90.

[13]  Moti Yung,et al.  Systematic Design of Two-Party Authentication Protocols , 1991, CRYPTO.

[14]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[15]  Gene Tsudik,et al.  KryptoKnight Authentication and Key Distribution System , 1992, ESORICS.

[16]  Gene Tsudik Message authentication with one-way hash functions , 1992, CCRV.

[17]  Paul C. van Oorschot,et al.  Authentication and authenticated key exchanges , 1992, Des. Codes Cryptogr..

[18]  Jürgen Schönwälder,et al.  A nonce-based protocol for multiple authentications , 1992, OPSR.

[19]  B. Clifford Neuman,et al.  A note on the use of timestamps as nonces , 1993, OPSR.

[20]  Moti Yung,et al.  Systematic Design of a Family of Attack-Resistant Authentication Protocols , 1993, IEEE J. Sel. Areas Commun..

[21]  Steven M. Bellovin,et al.  Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise , 1993, CCS '93.

[22]  Mihir Bellare,et al.  Entity Authentication and Key Distribution , 1993, CRYPTO.

[23]  Gene Tsudik,et al.  On simple and secure key distribution , 1993, CCS '93.

[24]  Li Gong,et al.  Lower bounds on messages and rounds for network authentication protocols , 1993, CCS '93.

[25]  G. Tsudik,et al.  Authentication of mobile users , 1994, IEEE Network.

[26]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[27]  Gene Tsudik,et al.  Robust and Secure Password and Key Change Method , 1994, ESORICS.

[28]  Alan J. Demers,et al.  Research issues in ubiquitous computing , 1994, PODC '94.

[29]  Moti Yung,et al.  The KryptoKnight family of light-weight protocols for authentication and key distribution , 1995, TNET.

[30]  Gene Tsudik,et al.  Secure and minimal protocols for authenticated key distribution , 1995, Comput. Commun..

[31]  Mihir Bellare,et al.  Provably secure session key distribution: the three party case , 1995, STOC '95.