We address bootstrapping secure multicast in enterprise and public-safety settings. Our workis motivated by the fact that secure multicast has important applications in such settings, and thatthe application setting significantly influences the design of security systems and protocols.This document presents and analyzes two designs for the composition of the authenticationprotocol, Kerberos, and the key transport protocol, Multimedia Internet KEYing (MIKEY). Thetwo designs are denoted to be KM1 and KM2 . The main aspect in which the objective impactsthe design is the assumption of an additional trusted third party (called a Key Server) that is thefinal arbiter on whether a principal is authorized to receive a key.Secure composition can be a challenge, and therefore the designs were kept to be simple sothey have intuitive appeal. Notwithstanding this, it was recognized that even simple, seeminglysecure protocols can have flaws. Two main security properties of interest called safety and avail-ability were articulated. A rigorous analysis of KM1 and KM2 was conducted using ProtocolComposition Logic (PCL), a symbolic approach to analyzing security protocols, to show that thedesigns have those properties.The value of the analysis is demonstrated by a possible weakness in KM1 that was discoveredwhich lead to the design of KM2 . A prototype of KM1 and KM2 was implemented starting withthe publicly available reference implementation of Kerberos, and an open-source implementationof MIKEY. This document also discusses the experience from the implementation, and presentempirical results which demonstrate the inherent trade-off between security and performance inthe design of KM1 and KM2 .
【 预 览 】
附件列表
Files
Size
Format
View
Bootstrapping Secure Multicast using Kerberized Multimedia Internet Keying
PDF
download
878987797
028-85220240
