Applicability of smart cards to network user authentication
Computing Systems
Building a high-performance, programmable secure coprocessor
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Using encryption for authentication in large networks of computers
Communications of the ACM
The persistent relevance of the local operating system to global applications
EW 7 Proceedings of the 7th workshop on ACM SIGOPS European workshop: Systems support for worldwide applications
Linux Security Howto
The Java Language Specification
The Java Language Specification
Java Security: Present and Near Future
IEEE Micro
Enhancing SESAMEV4 with Smart Cards
CARDIS '98 Proceedings of the The International Conference on Smart Card Research and Applications
How to Make Replicated Data Secure
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Distributed Authentication in Kerberos Using Public Key Cryptography
SNDSS '97 Proceedings of the 1997 Symposium on Network and Distributed System Security
Java Security: From HotJava to Netscape and Beyond
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Smartcard integration with Kerberos V5
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
SCFS: a UNIX filesystem for smartcards
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
WWW electronic commerce and java trojan horses
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Improving DES coprocessor throughput for short operations
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Copilot - a coprocessor-based kernel runtime integrity monitor
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Improving DES coprocessor throughput for short operations
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Hi-index | 0.00 |
The nightmare of Trusted Third Party (T3P) based protocol users is compromise of the T3P. Because the compromised T3P can read and modify any user information, the entire user group becomes vulnerable to secret revelation and user impersonation. Kerberos, one of the most widely used network authentication protocols, is no exception. When the Kerberos Key Distribution Center (KDC) is compromised, all the user keys are exposed, thus revealing all the encrypted data and allowing an adversary to impersonate any user. If an adversary has physical access to the KDC host, or can obtain administrator rights, KDC compromise is possible, and catastrophic. To solve this problem, and to demonstrate the capabilities of secure hardware, we have integrated the IBM 4758 secure coprocessor into Kerberos V5 KDC. As a result of the integration, our implemented KDC preserves security even if the KDC host has been compromised.