See this document in CiteSeerX!

Misplaced Trust: Kerberos 4 Session Keys (1997)  (Make Corrections)  (4 citations)
Bryn Dole, et al.



  Home/Search   Context   Related

 
View or download:
purdue.edu/pub/COA...nspafkerberos.ps
purdue.edu/homes/c..._4_Session_Keys.ps
purdue.edu/pub/pap...spafkerberos.pdf
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  purdue.edu/coast/coastlibrary (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: One of the commonly-accepted principles of software design for security is that making the source code openly available leads to better security. The presumption is that the open publication of source code will lead others to review the code for errors. However, this openness is no guarantee of correctness. One of the most widely-published and used pieces of security software in recent memory is the MIT implementation of the Kerberos authentication protocol. In the design of the protocol,... (Update)

Context of citations to this paper:   More

...each is generated independently of the others, and that quality random number generation is used (cf. 7, Chap. 23] 21, Chap. 12] [6, 12, 5]) It is not assumed that they are generated from a uniform distribution, or in fact from any particular fixed distribution. Indeed,...

Cited by:   More
Using a High-Performance, Programmable Secure Coprocessor - Smith, Palmer, Weingart (1998)   (Correct)
A Real-World Analysis of Kerberos Password Security - Wu (1999)   (Correct)
Secure Outsourcing of Some Computations - Atallah, Pantazopoulos, Spafford (1996)   (Correct)

Active bibliography (related documents):   More   All
0.5:   Security Through Aspect-Oriented Programming - De Win, Vanhaute, De Decker (2001)   (Correct)
0.1:   Beyond Address Spaces - Flexibility, Performance.. - Golm, Kleinöder, Bellosa (2001)   (Correct)
0.1:   Agent Tcl: A flexible and secure mobile-agent system - Gray (1997)   (Correct)

Similar documents based on text:   More   All
0.5:   Long Random Wait Times for Getting a Care-of Address are a Mobile.. - Vatn   (Correct)
0.4:   Simulating Boolean circuits by finite splicing - Erk (1999)   (Correct)
0.2:   Software Generation of Practically Strong Random Numbers - Gutmann (1998)   (Correct)

Related documents from co-citation:   More   All
2:   Secure addition sequence and its application on the server-aided secret computat.. (context) - Laih, Yen - 1992
2:   Security and Performance of server-aided RSA computation protocols - Lim, Lee - 1995
2:   RFC--1750 Randomness Recommendations for Security (context) - Eastlake, Crocker et al. - 1994

BibTeX entry:   (Update)

B. Dole, S. Lodin, and E. H. Spafford. Misplaced trust: Kerberos 4 session keys, in Proceedings of 4th Symposium on Network and Distributed System Security, IEEE Press, (1997), 60--71. http://citeseer.ist.psu.edu/dole97misplaced.html   More

@misc{ dole97misplaced,
  author = "B. Dole and S. Lodin and E. Spafford",
  title = "Misplaced trust: Kerberos 4 session keys",
  text = "B. Dole, S. Lodin, and E. H. Spafford. Misplaced trust: Kerberos 4 session
    keys, in Proceedings of 4th Symposium on Network and Distributed System
    Security, IEEE Press, (1997), 60--71.",
  year = "1997",
  url = "citeseer.ist.psu.edu/dole97misplaced.html" }
Citations (may not include all citations):
450   Using encryption for authentication in large networks of com.. (context) - Needham, Schroeder - 1978
317   Kerberos: An authentication service for open network systems - Steiner, Neuman et al. - 1988
276   Applied Cryptography: Protocols (context) - Schneier - 1996
244   CryptographyandData Security (context) - Denning - 1982
194   The protection of information in computer systems (context) - Saltzer, Schroeder - 1975
178   Kerberos: An authentication service for computer networks (context) - Neuman, Ts'o - 1994
136   The Kerberos Network Authentication Service - Kohl, Neuman - 1993
79   Limitations of the Kerberos authentication system - Bellovin, Merritt - 1991
68   Randomness recommendations for security - Eastlake, Crocker et al. - 1994
59   Sun Microsystems (context) - Kramer, Platform - 1996
41   Minimal key lengths for symmetric ciphers to provide adequat.. (context) - Blaze, Diffie et al. - 1996
38   Practical UNIX & Internet Security (context) - Garfinkel, Spafford - 1996
35   Requirements for Network Payment: The Netcheque Perspective - NeumanandG - 1995
33   Social processes and the proofs of theorems and programs (context) - DeMillo, Lipton et al. - 1979
20   Randomness and the netscape browser (context) - Goldberg, Wagner - 1995
19   II: Seminumerical Algorithms (context) - Knuth, of et al. - 1973
8   JavaOS: A Standalone Java Environment (context) - Madany - 1996
2   Netscape security (context) - Demailly - 1995
1   random key (context) - Anderson - 1988
1   chapter Why Did the Tower of Babel Fail (context) - Jr, Man-Month - 1995
1   Re: Integrity of MIT source (context) - Ts'o - 1991
1   Sesame security issues (context) - Lebastard - 1996
1   MIT-MAGIC-COOKIE-1 random number generator weakness (context) - mit-magic-cookie-, weakness et al. - 1995
1   MIT-MAGIC-COOKIE-1 random number generator problems (context) - Hall - 1996

Documents on the same site (http://www.cs.purdue.edu/coast/coast-library.html):   More
Classification And Detection Of Computer Intrusions - Kumar (1995)   (Correct)
Secure Outsourcing of Scientific Computations - Atallah, Rice (1998)   (Correct)
Software Forensics: Can We Track Code to its Authors? - Spafford, Weeber (1992)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC