期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2009
卷号:9
期号:8
页码:17-26
出版社:International Journal of Computer Science and Network Security
摘要:We will focus on cryptographic protocols intended to achieve authentication over the networks. We aim to design a user authentication protocol that is not susceptible to password guessing attacks. We will present an authentication protocol based on the widely deployed Kerberos protocol with a little modification in the Kerberos database. The proposed protocol will be independent of the user password. The KDC will generate the realm principle secret key based on a saved profile in its database. The KDC will save a profile for every instance in the realm that it mange. This profile will be hashed and then, the output digest will be encrypted to generate the secret key. The lifetime of the secret key will be controlled using the system lifetime. By this way, we will overcome the weak passwords chosen by the network principal that are susceptible to password guessing attacks, the main drawback of the Kerberos protocol. In our implementation, we will use Triple-Des as an encryption algorithm, SHA-256 as a hashing algorithm, and Blum Blum Shub as a random number generator algorithm.
Loading...
