Authentication and Key Distribution, Lei Zhang, Oct 31 2011
Authentication and Key Distribution
Lei Zhang, Oct 31 2011
Necessity of Key distribution
Classification of distributed Authentication protocols
              Connection     Connectionless
Peer process  Interactive    One-way
C/S           Session        Request/response
Design Principles of Authentication protocols
• A principal is suspicious of everyone else
• A delivered secure msg should have the features of authenticity, integrity, freshness
• Freshness is needed to prevent replay attacks
• How to assure freshness
– Nonce
– Clock-sync
• 3rd party auth server
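
An added example (not from the original slides) of the two freshness mechanisms listed above: a verifier-issued nonce that is accepted once, and a timestamp checked against a clock-skew window. The names `make_tag`, `NonceVerifier` and `TimestampVerifier`, the pre-shared HMAC-SHA256 key and the 30-second window are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def make_tag(key, *fields):
    """HMAC-SHA256 over length-prefixed fields (authenticity + integrity)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        mac.update(len(f).to_bytes(4, "big") + f)
    return mac.digest()

class NonceVerifier:
    """Freshness by nonce: the verifier issues a challenge and accepts it once."""
    def __init__(self, key):
        self.key = key
        self.outstanding = set()

    def challenge(self):
        nonce = os.urandom(16)
        self.outstanding.add(nonce)
        return nonce

    def verify(self, nonce, body, tag):
        if not hmac.compare_digest(tag, make_tag(self.key, nonce, body)):
            return "bad-mac"
        if nonce not in self.outstanding:
            return "replay"          # nonce never issued or already consumed
        self.outstanding.remove(nonce)
        return "ok"

class TimestampVerifier:
    """Freshness by synchronized clocks: accept only inside the skew window."""
    def __init__(self, key, max_skew=30):   # assumed window, in seconds
        self.key, self.max_skew = key, max_skew
        self.seen = {}                       # tag -> timestamp, within window

    def verify(self, ts, body, tag, now):
        if not hmac.compare_digest(tag, make_tag(self.key, str(ts).encode(), body)):
            return "bad-mac"
        if abs(now - ts) > self.max_skew:
            return "stale"
        # Entries outside the window can be dropped: they would be "stale" anyway.
        self.seen = {t: s for t, s in self.seen.items()
                     if abs(now - s) <= self.max_skew}
        if tag in self.seen:
            return "replay"                  # replayed inside the window
        self.seen[tag] = ts
        return "ok"
```

The nonce variant needs an extra round trip but no clock agreement; the timestamp variant is one-way but must cache accepted messages for the length of the window.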
Notation system
Classical Auth Protocol(1)
• Needham-Schroeder
Classical Auth Protocol(2)
• Denning-Sacco
Classical Auth Protocol(3)
• Otway-Rees (sync-free)
The Kerberos Protocol
• Based on Needham-Schroeder and Denning-Sacco
• C/S – oriented
Verification process at B
X.509
• No auth server, but a directory server is needed
KSL
• Idea: to reduce the workload of the auth server
Current work
• The key distribution center (KDC) is a main protocol/server widely used for authentication. [1]
Current work (2)
• Quantum Key Distribution [2][3][4]
– It enables two parties to produce a shared random secret key known only to them, which can then be used to encrypt and decrypt messages. It is often incorrectly called quantum cryptography, as it is the best-known example of the group of quantum cryptographic tasks.
Future work
• Authentication in mobile peers
• Security issues are endless
• Quantum might be the trend
Reference
• [1] “Key distribution center”, Wikipedia, http://en.wikipedia.org/wiki/KDC
• [2] “Quantum key distribution”, Wikipedia, http://en.wikipedia.org/wiki/Quantum_key_distribution
• [3] “From Bell’s Theorem to Secure Quantum Key Distribution”, Antonio Acín, Nicolas Gisin, and Lluis Masanes, Physical Review Letters
• [4] “The security of practical quantum key distribution”, Valerio Scarani, Helle Bechmann-Pasquinucci, Review of Modern Physics
Q&A