This paper describes KryptoKnight, an authentication and key distribution system that provides facilities for secure communication in any type of network environment. KryptoKnight was designed with the goal of providing network security services with a high degree of compactness and flexibility. Message compactness of KryptoKnight's protocols allows it to secure communication protocols at any layer, without requiring any major protocol augmentations in order to accommodate security-related information. Moreover, since KryptoKnight avoids the use of bulk encryption it is easily exportable. Owing to its architectural flexibility, KryptoKnight functions at both endpoints of communication can perform different security tasks depending on the particular network configuration. These and other novel features make KryptoKnight an attractive solution for providing security services to existing applications irrespective of the protocol layer, network configuration or communication paradigm. 1 In...

Many recent research e orts in computer security focus on constructing provably secure authentication protocols. Although many of the resulting protocols rely on the a priori secure distribution of secret keys, no provably secure key distribution protocols have yet been demonstrated. In this paper, we use an existing secure two-party authentication protocol as a stepping stone for constructing a series of simple and secure key distribution protocols. The protocols are shown to satisfy desired security requirements, using the security properties of the underlying authentication protocol. 1

The problem of secure key distribution has been the subject of much attention in the recent years. This paper describes a novel method for authenticated key distribution in the distributed systems environment. In particular, a braiding technique for key distribution is introduced. The underlying protocols are extremely compact in both the number of messages and message sizes which facilitates their application at any layer (at lower layers, in particular) in the protocol hierarchy. Furthermore, the protocols are shown to be resistant to a wide range of interleaving attacks. All this is achieved with minimal computational requirements and without the necessity of using traditional encryption (a strong one-way function suffices.) Keywords: Network Security, Network Protocols, Authentication, Key Distribution. 1 Introduction Research in authentication protocols has been fairly active since the publication in the late 1970s of Needham and Schroeder's landmark paper [13]. In it, they prop...

This paper discusses issues and idiosyncrasies associated with changing passwords and keys in distributed computer systems.

1.4 Simple XOR