Browse > Article
http://dx.doi.org/10.13089/JKIISC.2002.12.4.67

Design of a Strong Authentication Mechanism using Public-Key based on Kerberos  

김은환 (숭실대학교 컴퓨터학과)
전문석 (숭실대학교 컴퓨터학과)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.12, no.4, 2002 , pp. 67-76 More about this Journal
Abstract
Kerberos is designed to provide strong authentication between client and application servers which are working in distributed network environment by using symmetric-key cryptography, and supposed to trust other systems of the realm. In this paper, we design an efficient and strong authentication mechanism by introducing the public/private-key to Kerberos. In the mechanism to make a system more secure, the value of the session key is changed everytime using MAC(message authentication code) algorithm with the long-term key for user-authentication and a random number exchanged through the public key. Also, we employ a mutual authentication method, which is used on challenge-response mechanism based on digital signatures, to improve trust between realms, and present a way of reducing the number of keys by simplifying authentication steps.
Keywords
Kerberos; Public/Private-key; Strong/Mutual Authentication; Challenge-response;
Citations & Related Records
Times Cited By KSCI : 4  (Citation Analysis)
연도 인용수 순위
1 Performance of Public Key-Enabled Kerberos Authentication in Large Networks /
[ A.Harbitter;D.Menasce ] / Proc.2001 IEEE Symposium on Security and Privacy
2 A Secure European System for Applications in a Multi-vendor Environment(The SESAME Project) /
[ T.T.Parker ] / Proceedings of the 14th American National Security Conference
3 /
[ J.Kohl;C.Neuman ] / The Kerberos Network Authentication Service (V5)
4 /
[ Alfred J.Menezes;Paul C.van Oorschot;Scott A.Vanstone ] / Handbook of applied Cryptography
5 Kerberos: An Authentication Service for Open Network System /
[ J.Steiner;C.Neuman;J.Schiller ] / Proc of the Winter 1988 Usenix Conference
6 네트웍 환경에서 안전한 Kerberos 인증 메커니즘에 관한 연구 /
[ 신광철;정진욱 ] / 정보보호학회 논문지   과학기술학회마을
7 /
[ B.Tung;C.Neuman;M.Hur;A.Medvinsky;S.Medvinsky;J.Wray;J.Trostle ] / Public Key Cryptography for Initial Authentication in Kerberos
8 /
[ B.Tung;B.C.Neuman;M.Hur;A.Medvinsky;S.Medvinsky ] / Public Key Cryptography for Cross-Realm Authentication in Kerberos
9 Distributed Authentication in Kerberos Using Public Key Cryptography /
[ Marvin A.Sirbu;John Chung-I Chuang ] / Proc. 1997 Symposium on Network and Distributed System Security
10 /
[ W.Stallings ] / Network Security Essentials applications and standard
11 The Evolution of the Kerberos Authentication System /
[ John T.Kohl;B.Cliford Neuman;Theodore Y.T'so ] / In Distributed Open Systems
12 PKINIT 기반 새로운 커브로스 인증 메커니즘의 설계 /
[ 김철현;정일용 ] / 정보과학회 논문지   과학기술학회마을