Accession Number : ADA262422
Title : Fault-Tolerant Key Distribution (Preliminary Version)
Descriptive Note : Special technical rept.
Corporate Author : CORNELL UNIV ITHACA NY DEPT OF COMPUTER SCIENCE
Personal Author(s) : Reiter, Michael ; Birman, Kenneth ; Van Renesse, Robert
Report Date : Jan 1993
Pagination or Media Count : 19
Abstract : Many authentication or key distribution protocols have been proposed to distribute crypto- graphic keys for secure communication in open networks. These protocols often employ trusted authentication and time services whose corruption or failure could result in security breaches or prevent correct principals from establishing secure communication. In this paper, we describe the design and implementation of authentication and time services that securely and fault-tolerantly support key distribution. By using replication only when necessary, and introducing novel replication techniques when it was necessary, we have constructed these services to be easily defensible against malicious attack. Moreover, the transient unavailability of even a substantial number of servers does not hinder key distribution between correct principals or expose protocols to intruder attacks. We also describe how these services function as the foundation for a more comprehensive security architecture that we have implemented for fault-tolerant systems.
Descriptors : *CRYPTOGRAPHY , *DATA PROCESSING SECURITY , *COMPUTER NETWORKS , *SECURE COMMUNICATIONS , *FAULT TOLERANT COMPUTING , TRANSIENTS , CATIONS , ATTACK , FAILURE , TIME , FAULTS , VANS
Subject Categories : Computer Systems Management and Standards
Distribution Statement : APPROVED FOR PUBLIC RELEASE