Abstract
Authentication protocols are constructed using certain fundamental security mechanisms. This paper discusses how the properties of the underlying mechanisms affect the design of authentication protocols. We firstly illustrate factors affecting the selection of protocols generally. These factors include the properties of the environment for authentication protocols and the resources of the authenticating entities. We then consider a number of authentication protocols which are based on mechanisms satisfying different conditions than those required for the ISO/IEC 9798 protocols, in particular the use of non-random nonces and the provision of identity privacy for the communicating parties.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This work has been jointly funded by the UK EPSRC under research grant GR/J17173 and the European Commission under ACTS project AC095 (ASPeCT).
This is a preview of subscription content, log in via an institution.
Preview
Unable to display preview. Download preview PDF.
References
ISO/IEC 9798-1: 1991. Information technology — Security techniques — Entity authentication mechanisms — Part 1: General model. September 1991.
ISO/IEC 9798-3: 1993. Information technology — Security techniques — Entity authentication mechanisms — Part 3: Entity authentication using a public key algorithm. November 1993.
ISO/IEC 9798-2: 1994. Information technology — Security techniques — Entity authentication — Part 2: Mechanisms using symmetric encipherment algorithms. December 1994.
ISO/IEC 9798-4: 1995. Information technology — Security techniques — Entity authentication — Part 4: Mechanisms using a cryptographic check function. March 1995.
ISO/IEC 2nd CD 9798-5: 1995. Information technology — Security techniques — Entity authentication — Part 5: Mechanisms using zero knowledge techniques. June 1996.
M.J. Beller, L. Chang, and Y. Yacobi. Privacy and authentication on a portable communications system. IEEE Journal on Selected Areas in Communications, 11:821–829, 1993.
S.M. Bellovin and M. Merritt. Limitations of the Kerberos authentication system. Computer Communication Review, 20(5):119–132, October 1990.
S. Bengio, G. Brassard, Y.G. Desmedt, C. Goutier, and J. Quisquater. Secure implementation of identification systems. Journal of Cryptology, 4:175–183, 1991.
L. Chen, D. Gollmann, and C. Mitchell. Key distribution without individual trusted authentication servers. In Proceedings: the 8th IEEE Computer Security Foundations Workshop, pages 30–36. IEEE Computer Society Press, Los Alamitos, California, June 1995.
I. Damgard. Towards practical public key systems secure against chosen cipher-text attacks. Lecture Notes in Computer Science 576, Advances in Cryptology — CRYPTO '91, pages 445–456, 1991.
L. Gong. Increasing availability and security of an authentication service. IEEE Journal on Selected Areas in Communications, 11:657–662, 1993.
L. Gong. Variations on the themes of message freshness and replay. In Proceedings: the Computer Security Foundations Workshop VI, pages 131–136. IEEE Computer Society Press, Los Alamitos, California, June 1993.
ETSI/PT12 GSM-03.20. Security related network functions. August 1992.
B. Klein, M. Otten, and T. Beth. Conference key distribution protocols in distributed systems. In P. G. Farrell, editor, Codes and Cyphers, Proceedings of the Fourth IMA Conference on Cryptography and Coding, pages 225–241. Formara Limited. Southend-on-sea. Essex, 1995.
K-Y. Lam. Building an authentication service for distributed systems. Journal of Computer Security, 2:73–84, 1993.
K.Y. Lam and T. Beth. Timely authentication in distributed systems. In Lecture Notes in Computer Science 648, Advances in European Symposium on Research in Computer Security, pages 293–303. Springer-Verlag, 1992.
C. Mitchell. Security in future mobile networks. The 2nd International Workshop on Mobile Multi-Media Communications (MoMuC-2), Bristol University, April 11th–13th 1995.
C. Mitchell and A. Thomas. Standardising authentication protocols based on public key techniques. Journal of Computer Security, 2:23–36, 1993.
M. Reiter, K. Birman, and R. van Renesse. Fault-tolerant key distribution. Technical Report 93-1325, Department of Computer Science, Cornell University, Ithaca, New York, January 1993.
B. Simons, J.L. Welch, and N. Lynch. An overview of clock synchronization. In Lecture Notes in Computer Science 448, Advances in Fault-Tolerant Distributed Computing. Springer-Verlag, 1990.
R. Yahalom, B. Klein, and T. Beth. Trust-based navigation in distributed systems. European Institute for System Security, Karlsruhe University, Technical Report 93/4, 1993.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1996 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, L., Gollmann, D., Mitchell, C.J. (1996). Tailoring authentication protocols to match underlying mechanisms. In: Pieprzyk, J., Seberry, J. (eds) Information Security and Privacy. ACISP 1996. Lecture Notes in Computer Science, vol 1172. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0023293
Download citation
DOI: https://doi.org/10.1007/BFb0023293
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-61991-8
Online ISBN: 978-3-540-49583-3
eBook Packages: Springer Book Archive