Abstract
The Kerberos protocol has promoted the development of new techniques to support various kinds of distributed applications. However, secret-key management is the security core of the whole system. Using the symmetric encryption algorithm Rijndael of AES (Advanced Encryption Standard), all secret-keys of the client were encrypted with the secret-key of the authentication server and stored in the database. The secret-key of the authentication server was protected by distributing its shares to the router, the Ticket-granting Server (TGS) and the Web server. The authentication server did not store its secret-key in the system; when the system needed this secret-key, the authentication server could synthesize it from the distributed shares. Security analysis shows that this secret-key management is fault-tolerant and leaks no information; it also defends against collusion attacks and secret-key cracking attacks.
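The share-and-synthesize idea from the abstract, as an added example that is not the paper's code. It assumes a Shamir 2-of-3 threshold scheme over a prime field (the abstract does not name the scheme); `split_key`, `synthesize_key`, `PRIME` and the holder labels are hypothetical names.

```python
import secrets

# Assumption: Shamir (k, n) sharing over a prime field; the abstract does not
# name the sharing scheme. All names here are hypothetical.
PRIME = 2**521 - 1                          # Mersenne prime, fits a 256-bit AES key
HOLDERS = ("router", "tgs", "web_server")   # share holders named in the abstract

def split_key(key: bytes, threshold: int = 2, holders=HOLDERS) -> dict:
    """Give each holder one share; any `threshold` shares rebuild the key."""
    secret = int.from_bytes(key, "big")
    # Random polynomial f of degree threshold-1 with f(0) = secret.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = {}
    for x, name in enumerate(holders, start=1):
        y = 0
        for c in reversed(coeffs):          # Horner evaluation of f(x) mod PRIME
            y = (y * x + c) % PRIME
        shares[name] = (x, y)
    return shares

def synthesize_key(shares, key_len: int = 16) -> bytes:
    """Lagrange-interpolate f(0) from (x, y) shares; the key is never stored."""
    points = list(shares)
    if len({x for x, _ in points}) != len(points):
        raise ValueError("duplicate share index")
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    if secret >= 1 << (8 * key_len):
        # Typical outcome when fewer than `threshold` shares are supplied.
        raise ValueError("shares do not reconstruct a key of this length")
    return secret.to_bytes(key_len, "big")

if __name__ == "__main__":
    as_key = secrets.token_bytes(16)        # constructed sample AES-128 key
    shares = split_key(as_key)
    # Fault tolerance: the web server's share is unavailable, two still suffice.
    rebuilt = synthesize_key([shares["router"], shares["tgs"]])
    print("rebuilt from router+tgs:", rebuilt == as_key)
    # A single holder's share alone does not yield the key.
    try:
        print("router alone:", synthesize_key([shares["router"]]) == as_key)
    except ValueError as err:
        print("router alone:", err)
```
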
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cao, LC. (2011). Secure Secret-Key Management of Kerberos Service. In: Deng, H., Miao, D., Wang, F.L., Lei, J. (eds) Emerging Research in Artificial Intelligence and Computational Intelligence. AICI 2011. Communications in Computer and Information Science, vol 237. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24282-3_11
DOI: https://doi.org/10.1007/978-3-642-24282-3_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24281-6
Online ISBN: 978-3-642-24282-3
eBook Packages: Computer Science (R0)