1 / 16

Authentication and Key Distribution

Authentication and Key Distribution. Lei Zhang Oct 31 2011. Necessity of Key d istributio n. Classification of distributed Authentication protocl. Design Principles of Authentication protocols. Principal is suspicious about anyone else

leif
Download Presentation

Authentication and Key Distribution

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authentication and KeyDistribution Lei Zhang Oct 31 2011

  2. Necessity of Key distribution

  3. Classification of distributed Authentication protocl

  4. Design Principles of Authentication protocols • Principal is suspicious about anyone else • Delivered secure msg should owns the features of authenticity, integrity, freshness • Freshness to prevent replay attack • How to assure Freshness • Nonce • Clock-sync • 3rd party auth server

  5. Notation system

  6. Classical Auth Protocol(1) • Needham-Schroeder

  7. Classical AuthProtocol(2) • Denning-Sacco

  8. Classical AuthProtocol(3) • Otway-Rees ( sync – free)

  9. The Kerberos Protocol • Based on Needham-Schroder and Denning&Sacco • C/S – oriented Verification process at B

  10. X.509 • Auth server free but Directory server needed

  11. KSL • Idea: to reduce the workload of the auth server

  12. Currentwork • Key distribution center(KDC) is a main protocol/server widely used for authentication.[1]

  13. Currentwork(2) • Quantum Key Distribution[2][3][4] • It enables two parties to produce a shared random secret key known only to them, which can then be used to encrypt and decrypt messages. It is often incorrectly called quantum cryptography, as it is the most well known example of the group of quantum cryptographic tasks.

  14. Future work • Authentication in the mobile peers • Security issues are endless • Quantum might be the trend

  15. Reference • [1] “Key distribution center”, Wikipedia, http://en.wikipedia.org/wiki/KDC [2] “Quantum key distribution”, Wikipedia, http://en.wikipedia.org/wiki/Quantum_key_distribution [3] “From Bell’s Theorem to Secure Quantum Key Distribution”, Antonio Acín, Nicolas Gisin, and Lluis Masanes, Physical Review Letters [4] “The security of practical quantum key distribution”, Valerio Scarani, HelleBechmann-Pasquinucci, Review of Modern Physics

  16. Q&A

More Related