Authentication and KeyDistribution

Lei ZhangOct 31 2011

Necessity of Key distribution

Classification of distributed Authentication protocl

Connection Connectionless

Peer process Interactive One-way

C/S Session Request/response

Design Principles of Authentication protocols

• Principal is suspicious about anyone else• Delivered secure msg should owns the

features of authenticity, integrity, freshness• Freshness to prevent replay attack• How to assure Freshness– Nonce– Clock-sync

• 3rd party auth server

Notation system

Classical Auth Protocol(1)

• Needham-Schroeder

Classical Auth Protocol(2)

• Denning-Sacco

Classical Auth Protocol(3)

• Otway-Rees ( sync – free)

The Kerberos Protocol

• Based on Needham-Schroder and Denning&Sacco

• C/S – oriented

Verification process at B

X.509

• Auth server free but Directory server needed

KSL

• Idea: to reduce the workload of the auth server

Currentwork

• Key distribution center(KDC) is a main protocol/server widely used for authentication.[1]

Currentwork(2)

• Quantum Key Distribution[2][3][4]– It enables two parties to produce a shared

random secret key known only to them, which can then be used to encrypt and decrypt messages. It is often incorrectly called quantum cryptography, as it is the most well known example of the group of quantum cryptographic tasks.

Future work

• Authentication in the mobile peers• Security issues are endless• Quantum might be the trend

Reference

• [1] “Key distribution center”, Wikipedia, http://en.wikipedia.org/wiki/KDC

[2] “Quantum key distribution”, Wikipedia, http://en.wikipedia.org/wiki/Quantum_key_distribution [3] “From Bell’s Theorem to Secure Quantum Key Distribution”, Antonio Acín, Nicolas Gisin, and Lluis Masanes, Physical Review Letters [4] “The security of practical quantum key distribution”, Valerio Scarani, Helle Bechmann-Pasquinucci , Review of Modern Physics

Q&A