Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Authentication and delegation with smart-cards

  • Conference paper
  • First Online:
Theoretical Aspects of Computer Software (TACS 1991)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 526))

Included in the following conference series:

Abstract

The authentication of users in distributed systems poses special problems because users lack the ability to encrypt and decrypt. The same problems arise when users wish to delegate some of their authority to nodes, after mutual authentication.

In most systems today, the user is forced to trust the node he wants to use. In a more satisfactory design, the user carries a smart-card with sufficient computing power to assist him; the card provides encryption and decryption capabilities for authentication and delegation.

Authentication is relatively straightforward with a powerful enough smartcard. smart-card. However, for practical reasons, protocols that place few demands on smartcards smart-cards should be considered. These protocols are subtle, as they rely on fairly complex trust relations between the principals in the system (users, hosts, services). In this paper, we discuss a range of public-key smart-card protocols, and analyze their assumptions and the guarantees they offer.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. M. Abadi and M. Tuttle. A Semantics for a Logic of Authentication, to appear in Proceedings of the Tenth Annual ACM Symposium on Principles of Distributed Computing, Montreal, August 1991.

    Google Scholar 

  2. M. Burrows, M. Abadi, and R.M. Needham. A Logic of Authentication, Proceedings of the Royal Society of London A Vol. 426, 1989, pp. 233–271. A preliminary version appeared as Digital Equipment Corporation Systems Research Center report No. 39, February 1989.

    Google Scholar 

  3. CCITT. CCITT Blue Book, Recommendation X.509 and ISO 9594-8: The Directory-Authentication Framework. Geneva, March 1988.

    Google Scholar 

  4. D. Chaum and I. Schaumüller-Bichl, editors. Smart Card 2000: The Future of IC Cards, Proceedings of the IFIP WG 11.6 International Conference on Smart Card 2000: The Future of IC Cards, Laxenburg, Austria, October, 1987. North-Holland, Amsterdam, 1989.

    Google Scholar 

  5. National Bureau of Standards. Data Encryption Standard. Fed. Inform. Processing Standards Pub. 46. Washington DC, January 1977.

    Google Scholar 

  6. W. Diffie and M. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory IT-22, No. 6, November 1976, pp. 644–654.

    Article  Google Scholar 

  7. M. Gasser, A. Goldstein, C. Kaufman, B. Lampson. The Digital Distributed System Security Architecture. Proceedings of the 1989 National Computer Security Conference, Baltimore, October 1989, pp. 305–319.

    Google Scholar 

  8. U. Feige, A. Fiat, A. Shamir. Zero Knowledge Proofs of Identity. Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, New York, May 1987, pp. 210–217.

    Google Scholar 

  9. M. Gasser, E. McDermott. An Architecture for Practical Delegation in a Distributed System. Proceedings of the 1990 IEEE Symposium on Security and Privacy, Oakland, May 1990, pp. 20–30.

    Google Scholar 

  10. C.A.R. Hoare. An Axiomatic Basis for Computer Programming, CACM Vol. 12, No. 10, October 1969, pp. 576–580.

    Google Scholar 

  11. S.P. Miller, C. Neuman, J.I. Schiller, and J.H. Saltzer. Kerberos Authentication and Authorization System. Project Athena Technical Plan Section E.2.1, MIT, July 1987.

    Google Scholar 

  12. R.M. Needham and M.D. Schroeder. Using Encryption for Authentication in Large Networks of Computers. CACM Vol. 21, No. 12, December 1978, pp. 993–999.

    Google Scholar 

  13. R.L. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining Digital Signatures and Public-key Cryptosystems, CACM Vol. 21, No. 2, February 1978, pp. 120–126.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Digital Equipment Corporation, Systems Research Center, 130 Lytton Avenue, 94301, Palo Alto, California, USA

    M. Abadi, M. Burrows & B. Lampson

  2. Digital Equipment Corporation, Telecommunications and Networks, 550 King Street, 01460, Littleton, Massachusetts, USA

    C. Kaufman

Authors
  1. M. Abadi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. M. Burrows
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. C. Kaufman
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. B. Lampson
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Takayasu Ito Albert R. Meyer

Rights and permissions

Reprints and permissions

Copyright information

© 1991 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Abadi, M., Burrows, M., Kaufman, C., Lampson, B. (1991). Authentication and delegation with smart-cards. In: Ito, T., Meyer, A.R. (eds) Theoretical Aspects of Computer Software. TACS 1991. Lecture Notes in Computer Science, vol 526. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-54415-1_53

Download citation

  • DOI: https://doi.org/10.1007/3-540-54415-1_53

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-54415-9

  • Online ISBN: 978-3-540-47617-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation