This preview shows page 1. Sign up to view the full content.
Unformatted text preview: r to that described [in Section 24.3], that minimizes the need for phones to talk to the key management center. Recent reports have been more forthcoming, speaking of a key management system called FIREFLY that  “evolved from public key technology and is used to establish pair-wise traffic encryption keys.” Both this description and testimony submitted to the U.S. Congress by Lee Neuwirth of Cylink  suggest a combination of key exchange and certificates similar to that used in the ISDN secure phone and it is plausible that FIREFLY too is based on exponentiation. STU-IIIs are manufactured by AT&ampT and GE. Somewhere between 300, 000 and 400, 000 have been fielded through 1994. A new version, the Secure Terminal Equipment (STE), will work on ISDN lines. 24.5 Kerberos
Kerberos is a trusted third-party authentication protocol designed for TCP/IP networks. A Kerberos service, sitting on the network, acts as a trusted arbitrator. Kerberos provides secure network authentication, allowing a person to access different machines on the network. Kerberos is based on symmetric cryptography (DES as implemented, but other algorithms could be used instead). Kerberos shares a different secret key with every entity on the network and knowledge of that secret key equals proof of identity. Kerberos was originally developed at MIT for Project Athena. The Kerberos model is based on Needham-Schroeder’s trusted third-party protocol (see Section 3.3) . The original version of Kerberos, Version 4, is specified in [1094, 1499]. (Versions 1 through 3 were internal development versions.) Version 5, modified from Version 4, is specified in [876, 877, 878]. The best overview of Kerberos is . Other survey articles are [1384, 1493], and two good articles on using Kerberos in the real world are [781, 782]. Previous Table of Contents Next Products | Contact Us | About Us | Privacy | Ad Info | Home Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc. All rights reserved. Reproduction whole or in part...
View Full Document
- Fall '10