Abstract
The current work proposes a new scheme for the replication of authentication services in Kuperee based on a public key cryptosystem, in response to the two main shortcomings of the traditional single server solutions, namely those of low availability and high security risks. The work represents further developments in the Kuperee authentication system. The Kuperee server is presented in its simplified design to aid the presentation of the replication scheme. The replication approach is based on the sharing of session public keys, together with a threshold or secret sharing scheme. However, unlike previous approaches, in the current work the object to be shared-out is instead a session secret key which is not directly available to the (untrusted) Client. The scheme gains advantages deriving from the use of public key cryptology, as well as from the manner in which the secret is shared-out. A comparison with the notable work of Gong (1993) is also presented.
Publication Details
Hardjono T and Seberry J, Replicating the Kuperee authentication server for increased security and reliability, ACISP'96, LNCS 1172, Springer-Verlag, Berlin, 1996 14-26.