Advertisement

Stayin’ Alive: Aliveness as an Alternative to Authentication

  • Jonathan Anderson
  • Robert N. M. Watson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7622)

Abstract

Authentication protocols attempt to discern whether or not a user is who she says she is based on what she has, is or knows. In many situtations, however, such as protecting Wikis from robots and Distributed Hash Tables from sybils, identity is less important than liveness: it’s not who you are that matters, it’s whether or not you are alive. We propose extensions to the Kerberos authentication which allow systems to test whether or not they are interacting with a real person, optionally disregarding their identity. We demonstrate how such extensions could be used to support realistic user interactions with requiring shared definitions of global identity.

Keywords

Hash Table Authentication Protocol Security Protocol Authentication Service Anonymous User 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Von Ahn, L., Blum, M., Hopper, N.J., Langford, J.: CAPTCHA: Using Hard AI Problems for Security. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 294–311. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  2. 2.
    Hartman, S., Zhu, L.: A Generalized Framework for Kerberos Pre-Authentication. RFC 6113 (April 2011)Google Scholar
  3. 3.
    Holt, J.E., Seamons, K.E.: Nym: Practical Pseudonymity for Anonymous Networks. Technical Report 2006-4, Internet Security Research Lab (ISRL), Brigham Young University (June 2006)Google Scholar
  4. 4.
    Needham, R.M., Schroeder, M.D.: Using encryption for authentication in large networks of computers. Communications of the ACM 21(12) (December 1978)Google Scholar
  5. 5.
    Neuman, B.C., Ts’o, T.: Kerberos: an authentication service for computer networks. IEEE Communications Magazine 32(9), 33–38 (1994)CrossRefGoogle Scholar
  6. 6.
    Neuman, C., Yu, T., Hartman, S., Raeburn, K.: The Kerberos Network Authentication Service (V5). RFC 4120 (July 2005)Google Scholar
  7. 7.
    Tsang, P.P., Kapadia, A., Cornelius, C., Smith, S.W.: Nymble: Blocking Misbehaving Users in Anonymizing Networks. IEEE Transactions on Dependable and Secure Computing 8(2), 256–269 (2011)CrossRefGoogle Scholar
  8. 8.
    Turing, A.M.: Computing Machinery and Intelligence. Mind 59, 433–460 (1950)MathSciNetCrossRefGoogle Scholar
  9. 9.
    von Ahn, L.: Human Computation. Technical Report CMU-CS-05-193, Carnegie Mellon University, Pittsburgh, PA (2005)Google Scholar
  10. 10.
    Zhu, L., Hartman, S., Leach, P.: Anonymity Support for Kerberos. RFC 6112 (April 2011)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Jonathan Anderson
    • 1
  • Robert N. M. Watson
    • 1
  1. 1.Computer LaboratoryUniversity of CambridgeUK

Personalised recommendations