### BibTeX

@MISC{(s_,

author = {Comp Week (s and Ihor Kuz and Felix Rauch and Manuel M. T. Chakravarty and Gernot Heiser},

title = {},

year = {}

}

### OpenURL

### Abstract

An important aspect of dependability in distributed systems relates to security. There are two security related aspects of dependability: confidentiality and integrity. In a system that offers confidentiality, information will only be disclosed to (and services will only be provided to) authorised parties. A system that provides integrity will ensure that alterations (to data or services) can only be made in an authorised way. Furthermore, improper alterations will be detectable and recoverable. Confidentiality and integrity are generally provided through a combination of secure communication and authorisation. Secure communication is concerned with providing a secure communication channel between entities (such as users and processes) in a distributed system. A secure channel provides confidentiality in that data sent over such a channel will not be disclosed to unauthorised third parties. Likewise the integrity of data being sent over secure channels is protected because it cannot be tampered with by unauthorised third parties. Authorisation is concerned with allowing entities to only access those resources that they are entitled to access. This requires determining the identity of entities in the system and keeping track of which resources they are allowed to access, as well as monitoring which resources they attempt to access and preventing

### Citations

2912 | L.: A method for obtaining digital signatures and public-key cryptosystems
- Rivest, Shamir, et al.
- 1978
(Show Context)
Citation Context ...pairs of encryption and decryption keys, where KE �= KD and it is infeasible to compute KD from KE. We define the public key KE =: Kpub and private key KD =: Kpri. Examples of such algorithms are RSA =-=[RSA78]-=- and variants of Diffie & Hellman’s original algorithm, such as ElGamal [ElG85]. These algorithms are too slow to encrypt large volumes of data. Public key cryptography depends on so-called trap-door ... |

1113 |
A public key cryptosystem and a signature scheme based on discrete logarithms
- ElGamal
- 1985
(Show Context)
Citation Context ... compute KD from KE. We define the public key KE =: Kpub and private key KD =: Kpri. Examples of such algorithms are RSA [RSA78] and variants of Diffie & Hellman’s original algorithm, such as ElGamal =-=[ElG85]-=-. These algorithms are too slow to encrypt large volumes of data. Public key cryptography depends on so-called trap-door functions, which can be considered to be one-way functions with a secret exit; ... |

1011 | Applied Cryptography - Schneier - 1995 |

864 |
Using encryption for authentication in large networks of computers
- Needham, Schroeder
(Show Context)
Citation Context ...: 3 K A K B A B ... ... K AB K K B A [{A, } ] K AB K B Ticket A :[{ N } ] B B m 4 K AB m :[{ N -1} ] 5 B K AB Figure 3: Needham-Schroeder protocol for symmetric ciphers The Needham-Schroeder protocol =-=[NS78]-=- with secret keys is illustrated in Figure 3. It is based on a central key distribution centre D that shares a (symmetric) key KA with each agent A. If agent A wants to communicate with B, it obtains ... |

792 | Communication Theory of Secrecy systems - Shannon - 1949 |

624 | Kerberos: An Authentication Service for Open Network Systems
- Steiner, Neuman, et al.
- 1988
(Show Context)
Citation Context ... a session key encrypted using their public keys, and then exchange their authentication information over this secure channel. Kerberos Kerberos is a commercial authentication system developed at MIT =-=[SNS88]-=-. It is based on Needham-Schroeder protocol and integrates symmetric key encryption, distribution and authentication into commercial computer systems. It requires a secure central server, but allows f... |

445 | Authentication in Distributed Systems: Theory and Practice
- Lampson, Abadi, et al.
- 1992
(Show Context)
Citation Context ...er id, while in other cases a certificate signed by a trusted authority may be required to prove a principal’s identity. A comprehensive logic of authentication has been developed by Lampson et al in =-=[LABW92]-=-. A verified identity is represented by a credential. A certificate signed by a trusted authority stating that the bearer of the certificate has been successfully authenticated is an example of a cred... |

357 | Prudent engineering practice for cryptographic protocois
- Abadi, Needham
- 1996
(Show Context)
Citation Context ...e., none of the information required for the interpretation of the message, for example the sender id, should be implied). Further discussion of principles for cryptographic protocols can be found in =-=[AN96]-=-. 11sKey Distribution A set of keys provides a secure channel for communication. But how does the secure channel get established in the first place? We can either use a separate channel to establish k... |

88 | A languagebased approach to security - Schneider, Morrisett, et al. - 2000 |

47 | On the security of multiple encryption
- Merkle, Hellman
- 1981
(Show Context)
Citation Context ...encrypt with standard DES. Unfortunately, this makes the already slow DES algorithm even slower and there is work showing that the effective key length of triple DES is actually shorter than 112 bits =-=[MH81]-=-. Other symmetric algorithms IDEA. The International Data Encryption Algorithm uses a 128-bit key to encrypt 64-bit blocks (like TEA). It is approximately three times as fast as DES and, like DES, use... |

29 |
a tiny encryption algorithm
- TEA
(Show Context)
Citation Context ... repetition and redundancy in the plaintext. TEA As a concrete example of the actual functioning of a symmetric encryption algorithm, consider the Tiny Encryption Algorithm (TEA) by Wheeler & Needham =-=[WN94]-=-. Its encryption function is the following: void encrypt (unsigned long k[], unsigned long text[]) { unsigned long y = text[0], z = text[1]; unsigned long delta = 0x9e3779b9, sum = 0; int n; for (n = ... |

11 |
A 1Gbit/second GaAs DES chip
- Eberle, Thacker
- 1992
(Show Context)
Citation Context ...duplicates 32 bits of R yielding 48 bits, xors it with the key of that round Ki and substitutes/reduces the number of bits to 32. In hardware, DES has achieved a throughput of up to 1.2 × 10 9 bits/s =-=[ET92]-=-. This cipher is heavily used in practice and, in particular, also in banks and government institutions who keep very sensitive data. This is despite the recent success in breaking DES keys by brute-f... |

1 |
PGP DH vs. RSA FAQ. http://www.scramdisk.clara.net/pgpfaq. html
- Simpson
- 1999
(Show Context)
Citation Context ... the existence of a cheap method for factoring. Furthermore a key of ≈ 500 bits was recently broken by brute force. ElGamal ElGamal is a derivative of Diffie-Hellman, which compares to RSA as follows =-=[Sim99]-=-: • Message expansion: ciphertext is twice as big as plaintext in DH • Computational intensity: DH requires more processing power • Randomness: DH requires a good source of randomness; otherwise, the ... |