REVIEW OF 22 APRIL 1997
More Public Key Cryptography...
- Obtaining Public Keys: Use an authentication server that has a list of
public keys. Upon request, the server sends message (PK,U) encrypted
with the server's private key.
- Performing Handshakes: When two users communicate, they first confirm
each other's identity using preliminary messages with nonce identifiers.
...and KERBEROS - a Private Key System.
- Users must first be authenticated by Kerberos and then obtain tickets
to use services.
- Kerberos generates temporary conversation keys used by a client and server to communicate.
- Three-phase authentication process:
  - Getting the initial ticket (i.e., credentials).
  - Getting the server ticket.
  - Requesting the service.
All of these authentication schemes are designed to foil attacks based
on replay of messages and/or transmission of bogus messages.
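
The three Kerberos phases and the rejection of replayed or bogus messages can be traced in a short simulation. This is an added example, not part of the original notes. The toy cipher in seal/unseal, the timestamp window SKEW, the replay cache `seen`, and all function and key names are assumptions made for illustration.

```python
import hashlib, hmac, json, os

SKEW = 300  # seconds an authenticator stays acceptable (assumed value)

def stream(key, iv, n):
    return b"".join(hashlib.sha256(key + iv + bytes([i])).digest() for i in range(n // 32 + 1))

def seal(key, obj):
    # Toy authenticated encryption (hash keystream + HMAC), a stand-in for a real cipher.
    pt, iv = json.dumps(obj).encode(), os.urandom(16)
    ct = iv + bytes(a ^ b for a, b in zip(pt, stream(key, iv, len(pt))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("forged message or wrong key")
    return json.loads(bytes(a ^ b for a, b in zip(ct[16:], stream(key, ct[:16], len(ct) - 16))))

def issue(client_key, next_key, user):
    # Kerberos picks a temporary conversation key and sends it twice: once readable
    # by the client, once inside a ticket that only the next server can open.
    k = os.urandom(32).hex()
    return seal(client_key, {"key": k}), seal(next_key, {"user": user, "key": k})

def authenticator(conv_key, user, now):
    return seal(bytes.fromhex(conv_key), {"user": user, "time": now})

def accept(own_key, ticket, auth, now, seen):
    # Server side: open the ticket, then require a genuine, fresh, unused authenticator.
    t = unseal(own_key, ticket)
    a = unseal(bytes.fromhex(t["key"]), auth)
    if a["user"] != t["user"] or abs(now - a["time"]) > SKEW:
        raise ValueError("stale or mismatched authenticator")
    if auth in seen:
        raise ValueError("replayed authenticator")
    seen.add(auth)
    return t

def demo(now=1000):
    k_user, k_tgs, k_srv, seen = os.urandom(32), os.urandom(32), os.urandom(32), set()
    for_user, tgt = issue(k_user, k_tgs, "alice")        # phase 1: initial ticket
    k1 = unseal(k_user, for_user)["key"]
    t = accept(k_tgs, tgt, authenticator(k1, "alice", now), now, set())
    for_user, ticket = issue(bytes.fromhex(t["key"]), k_srv, t["user"])  # phase 2: server ticket
    k2 = unseal(bytes.fromhex(k1), for_user)["key"]
    auth = authenticator(k2, "alice", now)               # phase 3: requesting the service
    accept(k_srv, ticket, auth, now, seen)
    return k_srv, ticket, auth, seen
```

Presenting the same authenticator to the service a second time, presenting it after the window has passed, or altering any byte of the ticket each raises ValueError in accept.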