Paper Info
Title
Extended Abstract: Provable-Security Analysis of Authenticated Encryption in Kerberos
Abstract
Kerberos is a widely-deployed network authentication protocol that is being considered for standardization. Many works have analyzed its security, identifying flaws and often suggesting fixes, thus helping the protocol's evolution. Several recent results present successful formal-methods-based verification of a significant portion of the current version 5, and some even imply security in the computational setting. For these results to hold, encryption in Kerberos should satisfy strong cryptographic security notions. However, neither currently deployed as part of Kerberos encryption schemes nor their proposed revisions are known to provably satisfy such notions. We take a close look at Kerberos' encryption and confirm that most of the options in the current version provably provide privacy and authenticity, some with slight modification that we suggest. Our results complement the formal-methods-based analysis of Kerberos that justifies its current design.
Year
DOI
Venue
2007
10.1109/SP.2007.19
IEEE Symposium on Security and Privacy
Keywords
Field
DocType
authorisation,cryptographic protocols,data privacy,formal verification,Kerberos,authenticated encryption,cryptographic security notions,formal methods-based verification,network authentication protocol,provable-security analysis
Internet privacy,Cryptographic protocol,Computer science,Cryptography,Computer security,Computer network,Kerberos,Generic Security Service Algorithm for Secret Key Transaction,Encryption,Kerberized Internet Negotiation of Keys,Authenticated encryption,Provable security
Conference
ISSN
ISBN
Citations 
1081-6011
0-7695-2848-1
10
PageRank 
References 
Authors
0.62
19
2
Name
Order
Citations
PageRank
Alexandra Boldyreva12297114.80
Virendra Kumar2100.62