A nonce-based protocol for multiple authentications

1 October 1992

journal article
Published by Association for Computing Machinery (ACM) in ACM SIGOPS Operating Systems Review

Vol. 26 (4), 84-89
https://doi.org/10.1145/142854.142872

Abstract

The Kerberos authentication service, a part of MIT's Project Athena, is based on the Needham and Schroeder protocol. Timestamps depending on reliable synchronized clocks are used to guarantee the freshness of messages. As an improvement, we present a nonce-based protocol offering the same features as Kerberos. We generate a ticket in an initial message exchange which includes a generalized timestamp. Checking this generalized timestamp is left to the principal who created it. Consequently we do not need synchronized clocks. Our protocol has the property of using a minimal number of messages to establish an authenticated session key.

Keywords

This publication has 5 references indexed in Scilit:

A security risk of depending on synchronized clocks
ACM SIGOPS Operating Systems Review, 1992
Limitations of the Kerberos authentication system
ACM SIGCOMM Computer Communication Review, 1990
A logic of authentication
Published by Association for Computing Machinery (ACM) ,1989
Timestamps in key distribution protocols
Communications of the ACM, 1981
Using encryption for authentication in large networks of computers
Communications of the ACM, 1978

Cited by 35 articles