Implementing Distributed Capabilities without a Trusted Kernel

  • Maurice P. Herlihy
  • J. D. Tygar
Part of the Dependable Computing and Fault-Tolerant Systems book series (DEPENDABLECOMP, volume 4)


Capabilities are well-known to be a simple and efficient technique for implementing protection in centralized systems. In decentralized distributed systems, however, implementing capabilities can be considerably more difficult. Two problems stand out: (1) how to communicate information about capabilities across an insecure communication network, and (2) how to revoke capabilities in the presence of failures such as message delays, crashes, and network partitions. This paper describes a new scheme for managing capabilities in a distributed system that incorporates novel solutions to both problems. The communication problem is addressed by a new and efficient protocol that exploits recent developments in “zero-knowledge” authentication protocols. The revocation problem is solved by new protocols that rely on approximately synchronized real-time clocks to create the illusion that revocation occurs instantaneously, even in the presence of failures.

This research was sponsored by the Defense Advanced Research Projects Agency (DOD), ARPA Order Numbers 4976, monitored by the Air Force Avionics Laboratory under Contracts F33615-84-K-1520. J.D. Tygar received additional support from National Science Foundation Presidential Young Investigator Grant CCR-8858087.


Authentication Protocol Authentication Method Network Partition Defense Advance Research Project Agency Message Delay 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    W. Alexi, B. Chor, O. Goldreich, and C. P. Schnorr, RSA and Rabin Functions “Certain Parts are as Hard as the Whole”, in Proceedings of the 25 th IEEE Symposium on the Foundations of Computer Science, November 1984. To appear in SIAM J. on Computing.Google Scholar
  2. [2]
    J. P. Anderson, “Computer Security Technology Planning Study”, Technical Report ESD-TR-73-51, USAF Electronic Systems Division, October 1972.Google Scholar
  3. [3]
    Laszlo Babai, “Trading Group Theory for Randomness”, in Proceedings of the 17th ACM Symp. on Theory of Computing, pp. 421–429, May 1985.Google Scholar
  4. [4]
    J. Carter and M. Wegman, “Universal Classes of Hash Functions”, in Proceedings of the 17th IEEE Foundations of Computer Science, pp. 106–112, May 1976.Google Scholar
  5. [5]
    Ben-Zion Chor, ACM Distinguished Dissertations: Two Issues in Public Key Cryptography: RSA Bit Security and a New Knapsack Type System, MIT Press, 1986.Google Scholar
  6. [6]
    E. Cohen and D. Jefferson, “Protection in the Hydra Operating System”, in Proceedings 5th Symp. on Operating Systems Principles, pp. 141–160, November 1975.Google Scholar
  7. [7]
    Uriel Feige, Amos Fiat, and Adi Shamir, “Zero Knowledge Proofs of Identity”, in Proceedings of the 19th ACM Symp. on Theory of Computing, pp. 210–217, May 1987.Google Scholar
  8. [8]
    E. F. Gehringer and R. J. Chansler, Jr., “Star OS User and System Structure Manual”, Technical Report, Carnegie Mellon University, 1981.Google Scholar
  9. [9]
    Shafi Goldwasser, Silvio Micali, and Charles Rackoff, “The Knowledge Complexity of Interactive Proof Systems”, in Proceedings of the Seventeenth Annual ACM Symposium on Theory of Computing, May 1985.Google Scholar
  10. [10]
    S. Goldwasser and M. Sipser, “Arther Merlin Games versus Zero Interactive Proof Systems”, in Proceedings of the 17th ACM Symp. on Theory of Computing, pp. 59–68, May 1985.Google Scholar
  11. [11]
    J.N. Gray, Notes on Database Operating Systems, Lecture Notes in Computer Science 60, Springer-Verlag, Berlin, 1978, pp. 393–481.Google Scholar
  12. [12]
    M.P. Herlihy, N.A. Lynch, M. Merritt, and W.E. Weihl, “On the correctness of orphan elimination algorithms”, in 17th Symposium on Fault-Tolerant Computer Systems (FTCS), July 1987. Abbreviated version of MIT/LCS/TM-329.Google Scholar
  13. [13]
    Maurice P. Herlihy and J. D. Tygar, “How to Make Replicated Data Secure”, in Advances in Cryptology, CRYPTO-87, Springer-Verlag, August 1987.Google Scholar
  14. [14]
    R. M. Karp, “Reducibility among Combinatorial Problems”, Complexity of Computer Computations, Plenum Press, New York, 1972, pp. 85–103.Google Scholar
  15. [15]
    Richard M. Karp, 1985 Turing Award Lecture, “Combinatorics, Complexity, and Randomness”, Communications of the ACM 29(2): 98–109, February 1986.MathSciNetMATHCrossRefGoogle Scholar
  16. [16]
    L. Lamport, “Time, clocks and the ordering of events in a distributed system”, Communications of the ACM 21(7): 558–565, July 1978.MATHCrossRefGoogle Scholar
  17. [17]
    B. W. Lampson, “Protection”, ACM Operating Systems Review 8(1): 18–24, January 1974.CrossRefGoogle Scholar
  18. [18]
    Henry M. Levy, Capability-Based Computer Systems, Digital Press, 1984.Google Scholar
  19. [19]
    R. Lipton, Personal communication.Google Scholar
  20. [20]
    Michael Luby and Charles Rackoff, “Pseudo-random Permutation Generators and Cryptographic Composition”, in Proceedings of the 18th ACM Symp. on Theory of Computing, pp. 356–363. May 1986.Google Scholar
  21. [21]
    K. Marzullo and S. Owicki, “Maintaining time in a distributed system”, in Proceedings of the second ACM Symposium on Principles of Distributed Computing, pp. 295–305, August 1983.Google Scholar
  22. [22]
    M.S. McKendry and M.P. Herlihy, “Time-driven orphan elimination, ” in Fifth Symposium on Reliability in Distributed Software and Database Systems, January 1986. Also CMU-CS-85-138.Google Scholar
  23. [23]
    C. Meyer and S. Matyas, Cryptography, Wiley, 1982.MATHGoogle Scholar
  24. [24]
    R. Morris and K. Thompson, “Unix Password Security”, Communications of the ACM 22(12): 594–596, December 1979.CrossRefGoogle Scholar
  25. [25]
    NBS Standard, “Data Encryption Standard”, Technical Report FIPS Publication 46, National Bureau of Standards, January 1977.Google Scholar
  26. [26]
    Roger M. Needham, Michael D. Schroeder, “Using Encryption for Authentication in Large Networks of Computers”, Communications of the ACM 21(12): 993–999, December 1978. Also Xerox Research Report, CSL-78-4, Xerox Research Center, Palo AltO, CA.MATHCrossRefGoogle Scholar
  27. [27]
    B. Nelson, “Remote Procedure Call”, Technical Report CSL-79-3, Xerox Palo Alto Research Center, 1981.Google Scholar
  28. [28]
    Michael Rabin, “Digitalized Signatures and Public-Key Functions as Intractable as Factorization”, Laboratory for Computer Science Technical Report MIT/LCS/TR-212, Massachusetts Institute of Technology, January 1979.Google Scholar
  29. [29]
    Michael O. Rabin, “Probabilistic Algorithms in Finite Fields”, SIAM Journal on Computing 9: 273–280, 1980.MathSciNetMATHCrossRefGoogle Scholar
  30. [30]
    Michael Rabin, “Fingerprinting by Random Polynomials”, Center for Research in Computing Technology, Aiken Laboratory TR-81-15, Harvard, May 1981.Google Scholar
  31. [31]
    J. Reif and J. D. Tygar, “Efficient Parallel Pseudo-Random Number Generation”, in Advances in Cryptology: CRYPTO-85, pp. 433–446, Springer-Verlag, August 1985. To appear in SIAM J. on Computing.Google Scholar
  32. [32]
    R. Rivest, A. Shamir, and L. Adleman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems”, Communications of the ACM 21(2): 120–126, February 1978.MathSciNetMATHCrossRefGoogle Scholar
  33. [33]
    M. Satyanarayanan, “Integrating Security in a Large Distributed Environment”, Technical Report CMU-CS-87-179, Carnegie-Mellon University, November 1987.Google Scholar
  34. [34]
    M. Satyanarayanan, John H. Howard, David A. Nichols, Robert N. Sidebotham, Alfred Z. Spector, Michael J. West, “The ITC Distributed File System: Principles and Design”, in Proceedings of the Tenth Symposium on Operating System Principles, pp. 35–50, ACM, December 1985. Also available as Carnegie-Mellon Report CMU-ITC-039, April 1985.Google Scholar
  35. [35]
    B. J. Walker, R. A. Kemmerer, and G. J. Popek, “Specification and Verification of the UCLA Unix Security Kernel”, Communications of the ACM 23(2): 118–131, February 1980.MATHCrossRefGoogle Scholar
  36. [36]
    M. V. Wilkes and R. M. Needham, The Cambridge CAP Computer and its Operating System, North-Holland, 1987.Google Scholar
  37. [37]
    W. A. Wulf, R. Levin, and S. P. Harbison, HYDRA/C.mmp: An Experimental Computer System, McGraw-Hill, 1981.Google Scholar
  38. [38]
    Bennet S. Yee, J. D. Tygar, and Alfred Z. Spector, “A Self-Securing Protection System for Distributed Programs”, Technical Report CMU-CS-87-184, Carnegie-Mellon University, December 1987.Google Scholar

Copyright information

© Springer-Verlag/Wien 1991

Authors and Affiliations

  • Maurice P. Herlihy
    • 1
  • J. D. Tygar
    • 1
  1. 1.Computer Science Dept.Carnegie Mellon UniversityPittsburghUSA

Personalised recommendations