Abstract
The Kerberos protocol has promoted the development of new techniques to support various kinds of distributed applications. However, secret-key management is the security core of the whole system. Using the symmetric encryption algorithm Rijndael of AES (Advanced Encryption Standard), all secret keys of the clients were encrypted with the secret key of the authentication server and stored in the database. The secret key of the authentication server was protected by distributing its shares to the router, the Ticket-granting Server (TGS) and the Web server. The authentication server did not store its secret key in the system; when the system needed this key, the authentication server could synthesize it from the distributed shares. Security analysis shows that this secret-key management is fault-tolerant and leaks no information; it also defends against collusion attacks and secret-key cracking attacks.
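The share-and-synthesize step described in the abstract, as an added example that is not code from the paper. The abstract does not name the sharing scheme, so this example assumes Shamir 2-of-3 threshold sharing over a prime field; the holder names, x-coordinates, threshold and function names are hypothetical.

```python
import secrets

# Prime field larger than any 128-bit AES key (2**521 - 1 is a Mersenne prime).
P = 2**521 - 1
# Assumed assignment of share x-coordinates to the three holders in the abstract.
HOLDERS = {"router": 1, "tgs": 2, "web": 3}
THRESHOLD = 2  # assumption: any two holders suffice, so one may be down


def split_key(key: bytes, threshold: int = THRESHOLD) -> dict:
    """Split the authentication server key into one share per holder."""
    secret = int.from_bytes(key, "big")
    # Random polynomial f of degree threshold-1 with f(0) = secret.
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    shares = {}
    for name, x in HOLDERS.items():
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of f(x) mod P
            y = (y * x + c) % P
        shares[name] = (x, y)
    return shares


def synthesize_key(shares: dict, key_len: int = 16,
                   threshold: int = THRESHOLD) -> bytes:
    """Rebuild the key on demand by Lagrange interpolation at x = 0."""
    if len(shares) < threshold:
        raise ValueError("not enough shares to synthesize the key")
    points = list(shares.values())[:threshold]
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * -xj) % P
                den = (den * (xi - xj)) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret.to_bytes(key_len, "big")


if __name__ == "__main__":
    as_key = secrets.token_bytes(16)  # constructed sample key, never stored
    shares = split_key(as_key)
    # Web server unavailable: router and TGS shares still rebuild the key.
    subset = {n: shares[n] for n in ("router", "tgs")}
    print(synthesize_key(subset) == as_key)
```

With a threshold of two, a single share is consistent with every possible key value, which is the property the abstract calls no information leakage; a holder acting alone learns nothing.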
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cao, LC. (2011). Secure Secret-Key Management of Kerberos Service. In: Deng, H., Miao, D., Wang, F.L., Lei, J. (eds) Emerging Research in Artificial Intelligence and Computational Intelligence. AICI 2011. Communications in Computer and Information Science, vol 237. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24282-3_11
DOI: https://doi.org/10.1007/978-3-642-24282-3_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24281-6
Online ISBN: 978-3-642-24282-3
eBook Packages: Computer Science (R0)