Path: utzoo!utgpu!watserv1!watmath!att!linac!uwm.edu!bionet!agate!shelby!ATHENA.MIT.EDU!don
From: don@ATHENA.MIT.EDU
Newsgroups: comp.protocols.kerberos
Subject: Re: timestamp in authentication process
Message-ID: <9103010118.AA20017@tartaros.MIT.EDU>
Date: 1 Mar 91 01:18:03 GMT
References: <9140@star.cs.vu.nl>
Sender: news@shelby.stanford.edu (USENET News System)
Organization: Internet-USENET Gateway at Stanford University
Lines: 15

mr. van doorn,

please see the paper, "limitations of kerberos," by bellovin and merritt, in the oct '90 computer communications review, for a good discussion of kerberos' need for authenticated time-service. to make a long story short, there are many ways to modify kerberos that would avoid the need to synchronize, and time-synchronization wasn't a frivolous decision. the paper, if i remember correctly, discusses why kerberos moved to timestamps, and away from n & s' challenge/response (among other things).

if bellovin and merritt don't describe the original problem to your satisfaction, there's an excellent paper on protocol-design, which i know does discuss kerberos' evolution from n & s in some detail:

burrows, abadi, and needham, "a logic of authentication," proc. r. soc. lond. A 426 (1989), pp. 233-271.

this paper is also available from digital systems research center, as a technical report; an abridged version of the paper appeared in sosp '90.

-don davis, mit project athena staff
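The post above contrasts two freshness mechanisms: the timestamp-based authenticator Kerberos adopted (which needs synchronized clocks and a short-lived replay cache) and the nonce-based challenge/response it moved away from (no clock dependency, but an extra round trip). The following is an added illustration, not code from the post, from MIT Athena, or from any Kerberos implementation. It models a verifier for each style with plain integers as clock values; the 300-second skew window is an assumed value chosen to match the tolerance Kerberos deployments commonly use, and the client names and clock offsets are constructed sample input.

```python
import secrets

MAX_SKEW = 300  # assumed clock-skew tolerance in seconds (5 minutes)


class TimestampVerifier:
    """Accepts an authenticator only if its timestamp is within MAX_SKEW of
    the server clock and the (client, timestamp, microsecond) triple has not
    been seen before. The replay cache only needs to remember entries for
    MAX_SKEW seconds: anything older is rejected by the skew check anyway."""

    def __init__(self, max_skew=MAX_SKEW):
        self.max_skew = max_skew
        self.seen = {}  # (client, ts, usec) -> time at which the entry can be dropped

    def _purge(self, now):
        # Drop cache entries whose timestamps could no longer pass the skew check.
        expired = [k for k, drop_at in self.seen.items() if drop_at <= now]
        for k in expired:
            del self.seen[k]

    def verify(self, client, ts, usec, now):
        self._purge(now)
        if abs(now - ts) > self.max_skew:
            return "skew"      # clocks too far apart, or a stale/replayed authenticator
        key = (client, ts, usec)
        if key in self.seen:
            return "replay"    # identical authenticator already accepted in this window
        self.seen[key] = ts + self.max_skew
        return "ok"


class ChallengeResponseVerifier:
    """Needham-Schroeder-style freshness: the server issues a random nonce and
    accepts a response carrying that nonce exactly once. No clock is needed,
    but every authentication costs an additional message exchange."""

    def __init__(self):
        self.outstanding = {}  # client -> set of unanswered nonces

    def challenge(self, client):
        nonce = secrets.token_hex(16)
        self.outstanding.setdefault(client, set()).add(nonce)
        return nonce

    def verify(self, client, nonce):
        pending = self.outstanding.get(client, set())
        if nonce not in pending:
            return "unknown"   # never issued, already used, or issued to someone else
        pending.remove(nonce)
        return "ok"


def simulate_clients(offsets, server_now=1_000_000, max_skew=MAX_SKEW):
    """Each client stamps its authenticator with its own (possibly drifted)
    clock. Returns the verifier's decision per client, showing that the
    timestamp scheme turns clock drift into an authentication failure."""
    v = TimestampVerifier(max_skew)
    results = {}
    for client, offset in offsets.items():
        client_clock = server_now + offset
        results[client] = v.verify(client, client_clock, 0, server_now)
    return results


if __name__ == "__main__":
    # Constructed sample: one well-synchronized host and one whose clock
    # drifted by ten minutes.
    print(simulate_clients({"synced-host": 2, "drifted-host": 600}))
    cr = ChallengeResponseVerifier()
    n = cr.challenge("alice")
    print(cr.verify("alice", n), cr.verify("alice", n))  # ok, then unknown
```

The `simulate_clients` helper is where the post's point shows up in practice: a legitimate client whose clock has drifted past the skew window is indistinguishable from a replay, which is why the deployment needs an authenticated time service rather than just any time source. The nonce verifier needs no clock at all, which is the trade the post alludes to when it says there are ways to modify Kerberos to avoid synchronization.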