Skip to main content
SpringerLink
Log in

Tailoring authentication protocols to match underlying mechanisms

  • Session 4: Authentication Protocols
  • Conference paper
  • First Online:
Information Security and Privacy (ACISP 1996)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1172))

Included in the following conference series:

Abstract

Authentication protocols are constructed using certain fundamental security mechanisms. This paper discusses how the properties of the underlying mechanisms affect the design of authentication protocols. We firstly illustrate factors affecting the selection of protocols generally. These factors include the properties of the environment for authentication protocols and the resources of the authenticating entities. We then consider a number of authentication protocols which are based on mechanisms satisfying different conditions than those required for the ISO/IEC 9798 protocols, in particular the use of non-random nonces and the provision of identity privacy for the communicating parties.

This work has been jointly funded by the UK EPSRC under research grant GR/J17173 and the European Commission under ACTS project AC095 (ASPeCT).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ISO/IEC 9798-1: 1991. Information technology — Security techniques — Entity authentication mechanisms — Part 1: General model. September 1991.

    Google Scholar 

  2. ISO/IEC 9798-3: 1993. Information technology — Security techniques — Entity authentication mechanisms — Part 3: Entity authentication using a public key algorithm. November 1993.

    Google Scholar 

  3. ISO/IEC 9798-2: 1994. Information technology — Security techniques — Entity authentication — Part 2: Mechanisms using symmetric encipherment algorithms. December 1994.

    Google Scholar 

  4. ISO/IEC 9798-4: 1995. Information technology — Security techniques — Entity authentication — Part 4: Mechanisms using a cryptographic check function. March 1995.

    Google Scholar 

  5. ISO/IEC 2nd CD 9798-5: 1995. Information technology — Security techniques — Entity authentication — Part 5: Mechanisms using zero knowledge techniques. June 1996.

    Google Scholar 

  6. M.J. Beller, L. Chang, and Y. Yacobi. Privacy and authentication on a portable communications system. IEEE Journal on Selected Areas in Communications, 11:821–829, 1993.

    Google Scholar 

  7. S.M. Bellovin and M. Merritt. Limitations of the Kerberos authentication system. Computer Communication Review, 20(5):119–132, October 1990.

    Google Scholar 

  8. S. Bengio, G. Brassard, Y.G. Desmedt, C. Goutier, and J. Quisquater. Secure implementation of identification systems. Journal of Cryptology, 4:175–183, 1991.

    Google Scholar 

  9. L. Chen, D. Gollmann, and C. Mitchell. Key distribution without individual trusted authentication servers. In Proceedings: the 8th IEEE Computer Security Foundations Workshop, pages 30–36. IEEE Computer Society Press, Los Alamitos, California, June 1995.

    Google Scholar 

  10. I. Damgard. Towards practical public key systems secure against chosen cipher-text attacks. Lecture Notes in Computer Science 576, Advances in Cryptology — CRYPTO '91, pages 445–456, 1991.

    Google Scholar 

  11. L. Gong. Increasing availability and security of an authentication service. IEEE Journal on Selected Areas in Communications, 11:657–662, 1993.

    Google Scholar 

  12. L. Gong. Variations on the themes of message freshness and replay. In Proceedings: the Computer Security Foundations Workshop VI, pages 131–136. IEEE Computer Society Press, Los Alamitos, California, June 1993.

    Google Scholar 

  13. ETSI/PT12 GSM-03.20. Security related network functions. August 1992.

    Google Scholar 

  14. B. Klein, M. Otten, and T. Beth. Conference key distribution protocols in distributed systems. In P. G. Farrell, editor, Codes and Cyphers, Proceedings of the Fourth IMA Conference on Cryptography and Coding, pages 225–241. Formara Limited. Southend-on-sea. Essex, 1995.

    Google Scholar 

  15. K-Y. Lam. Building an authentication service for distributed systems. Journal of Computer Security, 2:73–84, 1993.

    Google Scholar 

  16. K.Y. Lam and T. Beth. Timely authentication in distributed systems. In Lecture Notes in Computer Science 648, Advances in European Symposium on Research in Computer Security, pages 293–303. Springer-Verlag, 1992.

    Google Scholar 

  17. C. Mitchell. Security in future mobile networks. The 2nd International Workshop on Mobile Multi-Media Communications (MoMuC-2), Bristol University, April 11th–13th 1995.

    Google Scholar 

  18. C. Mitchell and A. Thomas. Standardising authentication protocols based on public key techniques. Journal of Computer Security, 2:23–36, 1993.

    Google Scholar 

  19. M. Reiter, K. Birman, and R. van Renesse. Fault-tolerant key distribution. Technical Report 93-1325, Department of Computer Science, Cornell University, Ithaca, New York, January 1993.

    Google Scholar 

  20. B. Simons, J.L. Welch, and N. Lynch. An overview of clock synchronization. In Lecture Notes in Computer Science 448, Advances in Fault-Tolerant Distributed Computing. Springer-Verlag, 1990.

    Google Scholar 

  21. R. Yahalom, B. Klein, and T. Beth. Trust-based navigation in distributed systems. European Institute for System Security, Karlsruhe University, Technical Report 93/4, 1993.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information Security Group Royal Holloway, University of London, TW20 0EX, Egham, Surrey, UK

    Liqun Chen, Dieter Gollmann & Christopher J. Mitchell

Authors
  1. Liqun Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dieter Gollmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Christopher J. Mitchell
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Josef Pieprzyk Jennifer Seberry

Rights and permissions

Reprints and permissions

Copyright information

© 1996 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chen, L., Gollmann, D., Mitchell, C.J. (1996). Tailoring authentication protocols to match underlying mechanisms. In: Pieprzyk, J., Seberry, J. (eds) Information Security and Privacy. ACISP 1996. Lecture Notes in Computer Science, vol 1172. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0023293

Download citation

  • DOI: https://doi.org/10.1007/BFb0023293

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-61991-8

  • Online ISBN: 978-3-540-49583-3

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation