Abstract
This paper describes KryptoKnight, an authentication and key distribution system that provides facilities for secure communication in any type of network environment. KryptoKnight was designed with the goal of providing network security services with a high degree of compactness and flexibility. Message compactness of KryptoKnight's protocols allows it to secure communication protocols at any layer, without requiring any major protocol augmentations in order to accommodate security-related information. Moreover, since KryptoKnight avoids the use of bulk encryption it is easily exportable. Owing to its architectural flexibility, KryptoKnight functions at both endpoints of communication can perform different security tasks depending on the particular network configuration. These and other novel features make KryptoKnight an attractive solution for providing security services to existing applications irrespective of the protocol layer, network configuration or communication paradigm.
Chapter PDF
Keywords
- Authentication Protocol
- Token Module
- Application Program Interface Call
- Provide Security Service
- Message Digest Algorithm
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
ANSI Banking — Key Management (Wholesale), ISO 8732/ANSI X9.17, 1988,.
R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva, M. Yung, Systematic Design of Two-Party Authentication Protocols, Proceedings of Crypto'91, August 1991.
R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva, M. Yung, Systematic Design of a Family of Attack-Resistant Authentication Protocols, IEEE JSAC Special Issue on Secure Communications, to appear in 1993.
R. Bird, I. Gopal, A. Herzberg, P. Janson, S. Kutten, R. Molva, M. Yung, A Modular Family of Secure Protocols for Authentication and Key Distribution Draft, in submission to IEEE/ACM Transactions on Networking, August 1992.
S.M. Bellovin, M. Merritt, Limitations of the Kerberos Authentication System, ACM SIGCOMM Computer Communication Review, October 1990.
W. Diffie and M. Hellman, New Directions in Cryptography, IEEE Transactions on Information Theory, November 1976.
National Bureau of Standards, Federal Information Processing Standards, National Bureau of Standards, Publication 46, 1977.
T. Lomas, L. Gong, J. Saltzer, R. Needham, Reducing Risks from Poorly Chosen Keys, Proceedings of ACM Symposium on Operating System Principles, 1989.
R. Needham and M. Schroeder, Using Encryption for Authentication in Large Networks of Computers, Communications of the ACM, December 1978.
R. Rivest, The MD4 Message Digest Algorithm, Proceedings of CRYPTO'90, August 1990.
R. Rivest, The MD5 Message Digest Algorithm, Internet DRAFT, July 1991.
J. Steiner, The Kerberos Network Authentication Service Overview, MIT Project Athena RFC, Draft 1, April 1989.
J. Steiner, C. Neuman, J. Schiller, Kerberos: An Authentication Service for Open Network Systems, Proceedings of USENIX Winter Conference, February 1988.
J. Linn, Generic Security Service Application Program Interface, Internet Draft, Jun 1 1991.
R. Rivest, A. Shamir and L. Adleman, A Method for Obtaining Digital Signatures and Public Key Cryptosystems, Communications of the ACM, February 1978.
G. Tsudik, Message Authentication with One-Way Hash Functions, Proceedings of IEEE INFOCOM 1992. May 1992.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1992 Springer-Verlag
About this paper
Cite this paper
Molva, R., Tsudik, G., Van Herreweghen, E., Zatti, S. (1992). KryptoKnight authentication and key distribution system. In: Deswarte, Y., Eizenberg, G., Quisquater, JJ. (eds) Computer Security — ESORICS 92. ESORICS 1992. Lecture Notes in Computer Science, vol 648. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0013897
Download citation
DOI: https://doi.org/10.1007/BFb0013897
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-56246-7
Online ISBN: 978-3-540-47488-3
eBook Packages: Springer Book Archive