Further Improvements to the Kerberos Timed Authentication Protocol
Authentication mechanisms coupled with strong encryption techniques are used for security purposes; however, at times, well-equipped intruders succeed in breaking encryption and compromising data integrity, confidentiality and trust. Kerberos is a widely used computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. This paper presents an approach that involves temporary interruption to link server access with a new authentication protocol that delays the decryption with timed authentication. The analysis and verification of authentication properties and results of the designed protocol are presented.
Unable to display preview. Download preview PDF.
- S. M. Bellovin, and M. Merritt, “Limitations of the Kerberos Authentication System.” USENIX winter 1991,pp.253-268. 1991.Google Scholar
- A. H. Eneh., O. Gemikonakli and R. Comley, “Security of Electronic Commerce Authentication Protocols in Economically Deprived Communities”, The Fifth Security Conference 2006, Las Vegas, Nevada, April 2006, ISBN: 0-9772107-2-3.Google Scholar
- A. Harbitter and D. A. Menascé, “A Methodology for Analyzing the Performance of Authentication Protocols”. ACM Transactions on Information and System Security, vol. 5(4): pp. 458-491, 2002.Google Scholar
- C. A. Hoare, “Communication Sequence Process”. Prentice- Hall, International Englewood Cliffs. New Jersey. 1985.Google Scholar
- Y. Kirsal, A. Eneh and O. Gemikonakli, “A Solution to the Problem of Trusted Third Party for IEEE 802.11b Networks”. PGNET2005, Liverpool UK, pp.333-339, 2005.Google Scholar
- Y. Kirsal and O. Gemikonakli, “An Authentication Protocol to Address the Problem of the Trusted 3rd Party Authentication Protocols”, CISSE 2006,2006.Google Scholar
- Y. Kirsal and O. Gemikonakli, “Frequent Key Renewal under Pseudo-Secure Conditions for Increased Security In Kerberos Authentication And Its Impact On System Performability”, 3rd International Conference on Global E-Security,University of East London (UeL), Docklands, UK, 2007.Google Scholar
- G. Lowe, “Some New Attacks upon Security Protocols”, Proceedings of 9 th IEEE Computer Security Workshops, pp. 162 - 170, 1996.Google Scholar
- G. Lowe, “CASPER: A Compiler for the Analysis of Security Protocols”. Proceedings of the 10 th Computer Security Foundation Workshop. pp.18-30., 1998Google Scholar
- A. Mishra and W. A. Arbaugh, “An Initial Security Analysis of the IEEE 802.1X Standard”, White paper, UMIACS-TR-2002-10, February 2002.Google Scholar
- A. W. Roscoe “CSP and Determinism in Security Modelling”. IEEE Symposium on Security and Privacy. pp. 114-127, 1995.Google Scholar
- S. Schneider. “Verifying authentication protocols with CSP” 10th Computer Security Foundations Workshop, IEEE. pp. 741-758, 1997.Google Scholar
- “Security White Paper Evolution, Requirements, and Options” Available: http:wifiplanet.comtutorials articles.php965471 [Accessed: 27 April 2005] [Last Accessed: 13 September 2007].Google Scholar