Trust-Rated Authentication for Domain-Structured Distributed Systems | SpringerLink
Skip to main content
Springer Nature Link
Log in

Trust-Rated Authentication for Domain-Structured Distributed Systems

  • Conference paper
Public Key Infrastructure (EuroPKI 2008)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5057))

Included in the following conference series:

Abstract

We present an authentication scheme and new protocol for domain-based scenarios with inter-domain authentication. Our protocol is primarily intended for domain-structured Peer-to-Peer systems but is applicable for any domain scenario where clients from different domains wish to authenticate to each other. To this end, we make use of Trusted Third Parties in the form of Domain Authentication Servers in each domain. These act on behalf of their clients, resulting in a four-party protocol. If there is a secure channel between the Domain Authentication Servers, our protocol can provide secure authentication. To address the case where domains do not have a secure channel between them, we extend our scheme with the concept of trust-rating. Domain Authentication Servers signal security-relevant information to their clients (pre-existing secure channel or not, trust, ...). The clients evaluate this information to decide if it fits the security requirements of their application.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Boyd, C.: Security architecture using formal methods. IEEE Journal on Selected Topics in Communications 11, 694–701 (1993)

    Article  Google Scholar 

  2. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory 29(2), 198–208 (1983)

    Article  MATH  MathSciNet  Google Scholar 

  3. Skype Ltd.: Skype (homepage) (February 2008), http://www.skype.com

  4. Ellison, C., Schneier, B.: Ten risks of PKI: What you’re not being told about public key infrastructure. Computer Security Journal 16(1), 1–7 (2000)

    Article  Google Scholar 

  5. Douceur, J.R.: The Sybil Attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002) (Revised Papers)

    Chapter  Google Scholar 

  6. Zimmermann, P.R.: The official PGP user’s guide. MIT Press, Cambridge (1995)

    Google Scholar 

  7. Jøsang, A.: An algebra for assessing trust in certification chains. In: Proceedings of the Network and Distributed Systems Security Symposium (NDSS 1999), Internet Society (1999)

    Google Scholar 

  8. The Zfone Project: Zfone (homepage) (2007), http://zfoneproject.com

  9. Lowe, G.: A hierarchy of authentication specifications. In: Proceedings of the 10th IEEE Computer Security Foundations Workshop (CSFW 1997), Rockport, MA, USA (1997)

    Google Scholar 

  10. Boyd, C., Mathuria, A.: Protocols for authentication and key establishment. Information Security and Cryptography. Springer, Heidelberg (2003)

    Google Scholar 

  11. Abadi, M., Needham, R.M.: Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering 22(1), 6–15 (1996)

    Article  Google Scholar 

  12. The AVISPA Project: Automated Validation of Internet Security Protocols and Applications (homepage) (January 2008), http://www.avispa-project.org/

  13. Lowe, G.: Towards a completeness result for model checking of security protocols. Journal of Computer Security 7(2), 89–146 (1999)

    Google Scholar 

  14. Cremers, C.: Scyther - Semantics and Verification of Security Protocols. Ph.D. dissertation, Eindhoven University of Technology (2006)

    Google Scholar 

  15. Neuman, B.C., Ts’o, T.: Kerberos: an authentication service for computer networks. IEEE Communications Magazine 32(9), 33–38 (1994)

    Article  Google Scholar 

  16. Goodner, M., Nadalin, A.: Web Services Federation Language (WS-Federation). OASIS Specification (work-in-progress) (January 2008), http://www.oasis-open.org

  17. Narasimha, M., Tsudik, G., Yi, J.H.: On the utility of distributed cryptography in P2P and MANETs: the case of membership control. In: Proceedings of the 11th IEEE International Conference on Network Protocols 2003, pp. 336–345 (2003)

    Google Scholar 

  18. Saxena, N., Tsudik, G., Yi, J.H.: Admission control in Peer-to-Peer: design and performance evaluation. In: Proceedings of the 1st ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 104–113 (2003)

    Google Scholar 

  19. Pedersen, T.: A threshold cryptosystem without a trusted party. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 522–526. Springer, Heidelberg (1991)

    Google Scholar 

  20. Stajano, F., Anderson, R.: The Resurrecting Duckling: security issues for ad-hoc wireless networks. In: Proceedings of the 7th International Workshop on Security Protocols, Cambridge, UK (1999)

    Google Scholar 

  21. Maurer, U.: Modelling a Public-Key Infrastructure. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146. Springer, Heidelberg (1996)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Wilhelm-Schickard-Institut für Informatik, University of Tübingen, Germany

    Ralph Holz, Heiko Niedermayer, Peter Hauck & Georg Carle

Authors
  1. Ralph Holz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Heiko Niedermayer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Peter Hauck
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Georg Carle
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Stig F. Mjølsnes Sjouke Mauw Sokratis K. Katsikas

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Holz, R., Niedermayer, H., Hauck, P., Carle, G. (2008). Trust-Rated Authentication for Domain-Structured Distributed Systems. In: Mjølsnes, S.F., Mauw, S., Katsikas, S.K. (eds) Public Key Infrastructure. EuroPKI 2008. Lecture Notes in Computer Science, vol 5057. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69485-4_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-69485-4_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69484-7

  • Online ISBN: 978-3-540-69485-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation