A security risk of depending on synchronized clocks
ACM SIGOPS Operating Systems Review
Timestamps in key distribution protocols
Communications of the ACM
Using encryption for authentication in large networks of computers
Communications of the ACM
Limitations of the Kerberos authentication system
ACM SIGCOMM Computer Communication Review
Cryptographic Randomness from Air Turbulence in Disk Drives
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Kerberos plus RSA for world wide web security
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Secure time information in the internet key exchange protocol
Annales UMCS, Informatica - Security Systems
| Hi-index | 0.00 |
We show that the Kerberos Authentication System can relax its requirement for synchronized clocks, with only a minor change which is consistent with the current protocol. Synchronization has been an important limitation of Kerberos; it imposes political costs and technical ones. Further, Kerberos' reliance on synchronization obstructs the secure initialization of clocks at bootstrap. Perhaps most important, this synchronization requirement limits Kerberos' utility in contexts where connectivity is often intermittent. Such environments are becoming more important as mobile computing becomes more common. Mobile hosts are particularly refractory to security measures, but our proposal gracefully extends Kerberos even to mobile users, making it easier to secure the rest of a network that includes mobile hosts. An advantage of our proposal is that we would not change the Kerberos protocol per se; a special type of preauthentication exchange can convey just enough replay protection to authenticate the initial ticket and its times-tamp to an unsynchronized client, without adding process-state to the system's servers.