AUTHMAC_DH: A New Protocol for Authentication and Key Distribution

  • Heba K. Aslan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2828)


In the present paper, a new protocol for authentication and key distribution is proposed. The new protocol has the aim to achieve a comparable performance with the Kerberos protocol and overcome its drawbacks. For authentication of the exchanged messages during authentication and key distribution, the new protocol uses the Message Authentication Codes (MAC) to exchange the Diffie-Hellman components. On the other hand, the new protocol uses nonces to ensure the freshness of the exchanged messages. Subsequently, there is no need for clock synchronization which will simplify the system requirements. The new protocol is analyzed using queuing model, the performance analysis of the new protocol shows that the new protocol has a comparable performance with the Kerberos protocol for short messages and outperforms it for large messages.


Advance Encryption Standard Security Manager Short Message Message Authentication Code Clock Synchronization 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Kohl, J. T., and Neuman, B. C.: The Kerberos Network Authentication Service (V5), RFC 1510, September 1993, (1993) Google Scholar
  2. 2.
    Kohl, J. T., Neuman, B. C., and Ts’o., T. Y.: The Evolution of the Kerberos Authentication Service, IEEE Computer Society Press Book (1994) Google Scholar
  3. 3.
    Molva, R., Tsudik, G., Herreweghen, E. V., and Zatti, S.: KryptoKnight Authentication and Key Distribution System, Proceedings of ESORICS 92, October 1992, (1992) Google Scholar
  4. 4.
    Tardo, J. J., and Alagappan, K.: SPX: Global Authentication Using Public Key Certificates, IEEE Privacy and Security Conference (1991) Google Scholar
  5. 5.
    Tardo, J. J., and Alagappan, K.: SPX Guide: A Prototype Public Key Authentication Service, Digital Equipment Corporation, May 1991, (1991) Google Scholar
  6. 6.
    Ford, W.: Computer Communications Security: Principles, Standard Protocols and Techniques, Prentice Hall (1994) Google Scholar
  7. 7.
    Aslan, H. K.: Logic-Based Analysis and Performance Evaluation of a New Protocol for Authentication and Key Distribution in Distributed Environments, Ph. D. Thesis, Electronics and Communications Dept., Faculty of Engineering, Cairo University, July 1998, (1998) Google Scholar
  8. 8.
    El-Hadidi, M. T., Hegazi, N. H., and Aslan, H. K.: Logic-Based Analysis of a New Hybrid Encryption Protocol for Authentication and Key Distribution, IFIP SEC98 conference (1998) Google Scholar
  9. 9.
    Bellovin, S. M., and Merrit, M.: Limitations of the Kerberos Authentication System, Computer Communication Review, October 1990, (1990) Google Scholar
  10. 10.
    Daemen J., and Rijmen, V.: AES Proposal: Rijndael, available at
  11. 11.
  12. 12.
    Black, J., Halevi, S., Krawczyk, H., Krovetz, T., and Rogaway, P.: UMAC: Fast and Secure Message Authentication, Advances in Cryptology, Crypto’99, Lecture Notes in Computer Science, Vol. 1666, Springer-Verlag (1999) Google Scholar
  13. 13.
    Schwartz, M.: Telecommunication Networks: Protocols, Modeling and Analysis, Addison–Wesley (1987)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2003

Authors and Affiliations

  • Heba K. Aslan
    • 1
  1. 1.The Electronics Research InstituteDokki, CairoEgypt

Personalised recommendations