Network Protocols for Distributed Computing of Keys using the Kerberos Protocol

Authors

  • Aleksandr M. Vinnikov
  • Aleksandr B. Frolov

DOI:

https://doi.org/10.24160/1993-6982-2019-1-108-113

Keywords:

cryptographic protocol, key pre-distribution scheme, privileged group, alienated coalition, Blom scheme, key distribution pattern, Kerberos

Abstract

This paper studies cryptographic protocols for exchanging key information in a computer network that contains a trusted center (server) and a number of users, each sharing an individual key of a symmetric encryption system with the server. There are sets of privileged user groups and sets of alienated user coalitions. The server computes preliminary keys according to a certain key pre-distribution scheme; from these keys, the users of any privileged group can determine a common working key that is not accessible to the users of any alienated coalition that does not overlap with this privileged user group. A general structure of protocols is proposed in which the preliminary keys delivered to the users, and used by them to obtain the working keys, are computed using updated system key information. The studied protocols inherit the structure and functionality of the protocol with time stamps and extend them to the stage of delivering to users the preliminary keys and the data from which the users can compute a common working key for communications within the group. Such protocols ensure mutual authentication of the users in each privileged group at a certain moment of time and resistance to attacks from members of alienated groups, that is, such members cannot behave as a privileged group member or impose an outdated or compromised key.

Author Biographies

Aleksandr M. Vinnikov

Deputy Head of Logistics Dept., OOO «Soft Engineering», e-mail: al.vin@bk.ru

Aleksandr B. Frolov

Dr.Sci. (Techn.), Professor of Mathematical Modeling Dept., NRU MPEI, e-mail: abfrolov@mail.ru

For citation: Vinnikov A.M., Frolov A.B. Network Protocols for Distributed Computing of Keys using the Kerberos Protocol. MPEI Vestnik. 2019;1:108—113. (in Russian). DOI: 10.24160/1993-6982-2019-1-108-113.

Published

2018-03-15

Issue

Section

Mathematical and Software Support of Computing Machines, Complexes and Computer (05.13.11)