Fault-Tolerant Key Distribution (Preliminary Version)

摘要

Many authentication or key distribution protocols have been proposed todistribute cryptographic keys for secure communication in open networks. These protocols often employ trusted authentication and time services whose corruption or failure could result in security breaches or prevent correct principals from establishing secure communication. In this paper, we describe the design and implementation of authentication and time services that securely and fault-tolerantly support key distribution. By using replication only when necessary, and introducing novel replication techniques when it was necessary, we have constructed these services to be easily defensible against malicious attack. Moreover, the transient unavailability of even a substantial number of servers does not hinder key distribution between correct principals or expose protocols to intruder attacks. We also describe how these services function as the foundation for a more comprehensive security architecture that we have implemented for fault-tolerant systems.