Abstract
In the present paper, a new protocol for authentication and key distribution is proposed. The new protocol has the aim to achieve a comparable performance with the Kerberos protocol and overcome its drawbacks. For authentication of the exchanged messages during authentication and key distribution, the new protocol uses the Message Authentication Codes (MAC) to exchange the Diffie-Hellman components. On the other hand, the new protocol uses nonces to ensure the freshness of the exchanged messages. Subsequently, there is no need for clock synchronization which will simplify the system requirements. The new protocol is analyzed using queuing model, the performance analysis of the new protocol shows that the new protocol has a comparable performance with the Kerberos protocol for short messages and outperforms it for large messages.
Chapter PDF
References
Kohl, J. T., and Neuman, B. C.: The Kerberos Network Authentication Service (V5), RFC 1510, September 1993, (1993)
Kohl, J. T., Neuman, B. C., and Ts’o., T. Y.: The Evolution of the Kerberos Authentication Service, IEEE Computer Society Press Book (1994)
Molva, R., Tsudik, G., Herreweghen, E. V., and Zatti, S.: KryptoKnight Authentication and Key Distribution System, Proceedings of ESORICS 92, October 1992, (1992)
Tardo, J. J., and Alagappan, K.: SPX: Global Authentication Using Public Key Certificates, IEEE Privacy and Security Conference (1991)
Tardo, J. J., and Alagappan, K.: SPX Guide: A Prototype Public Key Authentication Service, Digital Equipment Corporation, May 1991, (1991)
Ford, W.: Computer Communications Security: Principles, Standard Protocols and Techniques, Prentice Hall (1994)
Aslan, H. K.: Logic-Based Analysis and Performance Evaluation of a New Protocol for Authentication and Key Distribution in Distributed Environments, Ph. D. Thesis, Electronics and Communications Dept., Faculty of Engineering, Cairo University, July 1998, (1998)
El-Hadidi, M. T., Hegazi, N. H., and Aslan, H. K.: Logic-Based Analysis of a New Hybrid Encryption Protocol for Authentication and Key Distribution, IFIP SEC98 conference (1998)
Bellovin, S. M., and Merrit, M.: Limitations of the Kerberos Authentication System, Computer Communication Review, October 1990, (1990)
Daemen J., and Rijmen, V.: AES Proposal: Rijndael, available at http://www.nist.gov/aes
http://www.iaik.tugraz.at/aboutus/people/groszschaedl/papers/acsac2000.pdf
Black, J., Halevi, S., Krawczyk, H., Krovetz, T., and Rogaway, P.: UMAC: Fast and Secure Message Authentication, Advances in Cryptology, Crypto’99, Lecture Notes in Computer Science, Vol. 1666, Springer-Verlag (1999)
Schwartz, M.: Telecommunication Networks: Protocols, Modeling and Analysis, Addison–Wesley (1987)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 IFIP International Federation for Information Processing
About this paper
Cite this paper
Aslan, H.K. (2003). AUTHMAC_DH: A New Protocol for Authentication and Key Distribution. In: Lioy, A., Mazzocchi, D. (eds) Communications and Multimedia Security. Advanced Techniques for Network and Data Protection. CMS 2003. Lecture Notes in Computer Science, vol 2828. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45184-6_2
Download citation
DOI: https://doi.org/10.1007/978-3-540-45184-6_2
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20185-4
Online ISBN: 978-3-540-45184-6
eBook Packages: Springer Book Archive