Network security via private-key certificates

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Network security via private-key certificates

Full text

Pdf (256 KB)

Source

ACM SIGOPS Operating Systems Review archive
Volume 24 , Issue 4 (October 1990) table of contents

Pages: 64 - 67

Year of Publication: 1990

ISSN:0163-5980

Authors

Don Davis	MIT Project Athena
Ralph Swick	MIT Project Athena

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 5, Downloads (12 Months): 52, Citation Count: 11

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/94574.94579 What is a DOI?

ABSTRACT

We present some practical security protocols that use private-key encryption in the public-key style. Our system combines a new notion of private-key certificates, a simple key-translation protocol, and key-distribution. These certificates can be administered and used much as public-key certificates are, so that users can communicate securely while sharing neither an encryption key nor a network connection.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	[1] This use of private-key certificates was proposed to us by Martin Abadi and Mike Burrows of Digital's Systems Research Center, and by Butler Lampson of Digital's Cambridge Research Laboratory, in a personal communication.
	2	[2] Selim G. Akl, "Digital Signatures: A Tutorial Survey," Computer Vol. 16(2) pp. 15-24 (Feb. 1983).
	3	[3] Michael Burrows, Martin Abadi, and Roger Needham, "A Logic of Authentication," Proc. R. Soc. Lond. A 426(1989) pp. 233-271.
	4	[4] Don Davis and Ralph Swick, "Kerberos Authentication and Workstation Services at Project Athena," MIT Laboratory for Computer Science Technical Memorandum 424 (Feb. 1990).
	5	[5] Dorothy E. R. Denning, Cryptography and Data Security. Reading, MA: Addison-Wesley, 1983. pp. 14-15.
	6	Collin I'Anson , Chris Mitchell, Security defects in CCITT recommendation X.509: the directory authentication framework, ACM SIGCOMM Computer Communication Review, v.20 n.2, p.30-34, April, 1990 [doi>10.1145/378570.378623]
	7	[7] International Telegraph and Telephone Consultative Committee (CCITT). Recommendation X.509: The Directory - Authentication Framework. In Data Communications Network Directory, Recommendations X.500-X.521, pp. 48-81. Vol. 8, Fascicle 8.8 of CCITT Blue Book. Geneva: International Telecommunication Union, 1989.
	8	[8] John Kohl, Clifford Neuman, and Jennifer Steiner, "Kerberos Version 5 Request for Comments," (in preparation at Project Athena, MIT bldg. E40, Cambridge (MA 02139).
	9	[9] Ralph C. Merkle, "Protocols for Public-Key Cryptosystems," pp. 122-133 in Proc. 1980 Symp. on Security and Privacy, IEEE Computer Society (April 1980).
	10	Roger M. Needham , Michael D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM, v.21 n.12, p.993-999, Dec. 1978 [doi>10.1145/359657.359659]
	11	Gerald J. Popek , Charles S. Kline, Encryption and Secure Computer Networks, ACM Computing Surveys (CSUR), v.11 n.4, p.331-356, Dec. 1979 [doi>10.1145/356789.356794]
	12	[12] Jennifer Steiner, Clifford Neuman, and Jeffrey Schiller, "Kerberos: An Authentication Service for Open Network Systems," USENIX Winter Conference Proceedings, February 1988.

CITED BY 11

	Roger M. Needham, Denial of service: an example, Communications of the ACM, v.37 n.11, p.42-46, Nov. 1994
	Giuseppe Ateniese , Stefan Mangard, A new approach to DNS security (DNSSEC), Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA
	Butler Lampson , Martín Abadi , Michael Burrows , Edward Wobber, Authentication in distributed systems: theory and practice, ACM SIGOPS Operating Systems Review, v.25 n.5, p.165-182, Oct. 1991
	Butler Lampson , Martín Abadi , Michael Burrows , Edward Wobber, Authentication in distributed systems: theory and practice, ACM Transactions on Computer Systems (TOCS), v.10 n.4, p.265-310, Nov. 1992
	Roger M. Needham, Denial of service, Proceedings of the 1st ACM conference on Computer and communications security, p.151-153, November 03-05, 1993, Fairfax, Virginia, United States
	Chang-Seop Park, Authentication protocol providing user anonymity and untraceability in wireless mobile communication systems, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.44 n.2, p.267-273, 5 February 2004
	Don Davis, Kerberos plus RSA for world wide web security, Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce, p.16-16, July 11-12, 1995, New York, New York
	Daniel E. Geer, Jr. , Donald T. Davis, Token-mediated certification and electronic commerce, Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce, p.2-2, November 18-21, 1996, Oakland, California
	Don Davis, Compliance defects in public-key cryptography, Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography, p.17-17, July 22-25, 1996, San Jose, California
	Marc Joye , Sung-Ming Yen, ID-based secret-key cryptography, ACM SIGOPS Operating Systems Review, v.32 n.4, p.33-39, Oct. 1998
	Armin Liebl, Authentication in distributed systems: a bibliography, ACM SIGOPS Operating Systems Review, v.27 n.4, p.31-41, Oct. 1993