{"title":"基于动态口令和“一次性公钥”的Kerberos协议改进","authors":"Yun-yun Du, Hong-yun Ning, Ping Yang, Yan-xia Cui","doi":"10.1109/ICNC.2014.6975980","DOIUrl":null,"url":null,"abstract":"We begin with overviews of the existing defects of the current Kerberos protocol and the shortage of the current improvement, and then we focus on the new method of the dynamic password and public key. On the basis of the original Kerberos protocol, firstly, we propose the usage of the Diffie-Hellman algorithm, and put the password in the token, then take the key which has added the dynamic factor as the sharing key between Client and AS, this improvement can fundamentally solve the password guessing attack. Secondly, we use the method of the ElGamal algorithm. For one thing, it will generate a new public key in each authentication, and put the new public key as the secret key of the information transmission between client and resource server, this method basically guarantees security of the information transmission; For another we use the random number, which is associated with the public key, to take the place of the time-stamp to prevent replay attack, it puts the random number and our key together to increase the ability of preventing replay attack. Finally, we analyze the example of the improvement which has been carried out. And the results show that the improved Kerberos protocol can ensure the security of the information and password.","PeriodicalId":208779,"journal":{"name":"2014 10th International Conference on Natural Computation (ICNC)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Improvement of Kerberos protocol based on dynamic password and “One-time public key”\",\"authors\":\"Yun-yun Du, Hong-yun Ning, Ping Yang, Yan-xia Cui\",\"doi\":\"10.1109/ICNC.2014.6975980\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We begin with overviews of the existing defects of the current Kerberos protocol and the shortage of the current improvement, and then we focus on the new method of the dynamic password and public key. On the basis of the original Kerberos protocol, firstly, we propose the usage of the Diffie-Hellman algorithm, and put the password in the token, then take the key which has added the dynamic factor as the sharing key between Client and AS, this improvement can fundamentally solve the password guessing attack. Secondly, we use the method of the ElGamal algorithm. For one thing, it will generate a new public key in each authentication, and put the new public key as the secret key of the information transmission between client and resource server, this method basically guarantees security of the information transmission; For another we use the random number, which is associated with the public key, to take the place of the time-stamp to prevent replay attack, it puts the random number and our key together to increase the ability of preventing replay attack. Finally, we analyze the example of the improvement which has been carried out. And the results show that the improved Kerberos protocol can ensure the security of the information and password.\",\"PeriodicalId\":208779,\"journal\":{\"name\":\"2014 10th International Conference on Natural Computation (ICNC)\",\"volume\":\"7 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-12-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 10th International Conference on Natural Computation (ICNC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICNC.2014.6975980\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 10th International Conference on Natural Computation (ICNC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICNC.2014.6975980","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Improvement of Kerberos protocol based on dynamic password and “One-time public key”
We begin with overviews of the existing defects of the current Kerberos protocol and the shortage of the current improvement, and then we focus on the new method of the dynamic password and public key. On the basis of the original Kerberos protocol, firstly, we propose the usage of the Diffie-Hellman algorithm, and put the password in the token, then take the key which has added the dynamic factor as the sharing key between Client and AS, this improvement can fundamentally solve the password guessing attack. Secondly, we use the method of the ElGamal algorithm. For one thing, it will generate a new public key in each authentication, and put the new public key as the secret key of the information transmission between client and resource server, this method basically guarantees security of the information transmission; For another we use the random number, which is associated with the public key, to take the place of the time-stamp to prevent replay attack, it puts the random number and our key together to increase the ability of preventing replay attack. Finally, we analyze the example of the improvement which has been carried out. And the results show that the improved Kerberos protocol can ensure the security of the information and password.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
