Third European Symposium on Research in Computer Security (ESORICS 94)
Authentication via Multi-Service Tickets in the Kuperee Server
Thomas Hardjono, Jennifer Seberry
Abstract : The subject of this paper is the authentication services as found in the Kuperee server. The authentication protocol is based on the Zheng-Seberry public key cryptosystem, and makes use of the distinct features of the cryptosystem. Although couched in the terminology of Kerberos, the protocol had subtle features, such as the binding together of two entities by a third entity, leading to the need of equal co-operation by the two entities in order to complete the authentication procedure. Another important feature is the use of multi-service ticket to access multiple services offered by different servers. This removes the need of the Client to consult the Trusted Authority each time it needs a service from a Server. In addition, this allows an increased level of parallelism in which several Servers may be concurrently executing applications on behalf of a single Client. The scheme is also extendible to cover a more global scenario in which several realms exist, each under the care of a trusted authority. Finally, the algorithms that implement the scheme are presented in terms of the underlying cryptosystem. Although the scheme currently employs a public key cryptosystem, future developments of the server may combine private key cryptosystems to enhance performance.
Proceedings table of contents