Key distribution without individual trusted authentication servers

  • Authors:
  • Liqun Chen; D. Gollmann; C. Mitchell

  • Venue:
  • CSFW '95 Proceedings of the 8th IEEE workshop on Computer Security Foundations
  • Year:
  • 1995

Abstract

Some recent research on key distribution systems has focussed on analysing trust in authentication servers, and constructing key distribution protocols which operate using a number of authentication servers, which have the property that a minority of them may be untrustworthy. This paper proposes two key distribution protocols with multiple authentication servers using a cross checksum scheme. Both protocols are based on the use of symmetric encryption for verifying the origin and integrity of messages. In these protocols it is not necessary for clients to trust an individual authentication server. A minority of malicious and colluding servers cannot compromise security and can be detected. The first 'parallel' protocol can prevent a minority of servers disrupting the service. The second 'cascade' protocol has to work with other security mechanisms in order to prevent a server breaking the procedure by refusing to cooperate. As compared with other proposed protocols with similar properties, these two protocols require fewer exchanged messages.