Author_Institution :
Dept. of Inf. Manage., Rongchang Campus Southwest Univ., Chongqing, China
Abstract :
Kerberos is a widely-adopted network authentication protocol, which provides secure authentication service based on the reliable third-party. By exploiting a shared key, Kerberos ensures the confidentiality and integrity for a session. Kerberos, an authentication protocol based on symmetric cryptography system, has some inherent security flaws, such as undeniability, difficulty in key exchange, inability to fulfill digital signature and authentication. After an analysis of its security flaws, the paper improves Kerberos by applying fast RSA algorithm, more specifically, using Montgomery algorithm to count modular exponentiation of large numbers, and adopting the Chinese Remainder Theorem when using private key to calculate fast RSA algorithm. Thus, the improved Kerberos is more efficient and secure in use. In addition, compared with the original one, the improved protocol has amelioration and improvement in more than one performance, including key storage, clock synchronization, password guess and non-repudiation of the notes. Consequently, its authentication process is safe, authentic and reliable.
Keywords :
authorisation; cryptographic protocols; digital signatures; Chinese remainder theorem; Kerberos protocol; Montgomery algorithm; amelioration; clock synchronization; digital signature; fast RSA algorithm; key storage; nonrepudiation; password guess; secure authentication service; shared key; symmetric cryptography system; widely-adopted network authentication protocol; Algorithm design and analysis; Authentication; Protocols; Public key; Servers; Fast RSA Algorithm; Kerberos Protocol; Montgomery Algorithm; the Chinese Remainder Theorem;
