摘要
针对Kerberos认证协议由对称算法所带来的局限性,国内外已有很多人用以RSA算法为代表的公钥体制对Kerberos协议进行了改进,但美中不足的是Kerberos本身可以窃听客户和服务器之间的会话而不被举证。选用Diffie-Hellman算法来修正Kerberos协议,不仅继承了先行者们的研究成果,而且彻底解决Kerberos可能窃听通信双方会话的问题。因此更具安全性、实用性。
To overcome the Kerberos' limitations caused by using symmetric algorithm, many people home and abroad have improved Kerberos protocol with public-key algorithm represented by RSA, a blemish in an otherwise perfect thing is that Kerberos itself may bug session between client and server, yet can't be put to the proof. This paper combines Diffie-Hellman algorithm, with the purpose to not only inheriting attained research achievements, but also completely solving the problem of that Kerberos can intercept and see the information from two communicating sides with session key. In comparison with Kerberos RSA, it provides even more secure and practical.
出处
《计算机工程与设计》
CSCD
北大核心
2007年第2期343-345,共3页
Computer Engineering and Design
