Symmetric Key Authentication Services Revisited

B. Crispo, B.C. Popescu, A.S. Tanenbaum

Research output: Contribution to JournalArticleAcademicpeer-review


Most of the symmetric key authentication schemes deployed today are based on principles introduced by Needham and Schroeder [15] more than twenty years ago. However, since then, the computing environment has evolved from a LAN-based client-server world to include new paradigms, including wide area networks, peer-to-peer networks, mobile ad-hoc networks and ubiquitous computing. Also, there are new threats, including viruses, worms and denial of service attacks. In this paper we review existing symmetric key authentication protocols in the light of these changes, and propose a authentication infrastructure design specifically tailored to address the latest developments in the distributed computing landscape. The key element in our design is placing the authentication server off-line, which greatly strengthens the security of its cryptographic material and shields it from denial of service attacks. Although the authentication server is not accessible on-line, our scheme can handle a dynamic client population, as well as critical issues such as re-issuing of keys and revocation. © Springer-Verlag Berlin Heidelberg 2004.
Original languageEnglish
Pages (from-to)248-261
Number of pages14
JournalLecture Notes in Computer Science
Publication statusPublished - 2004


Dive into the research topics of 'Symmetric Key Authentication Services Revisited'. Together they form a unique fingerprint.

Cite this