A Protocol for Secure Communication in Large Distributed Systems

David P. Anderson, Domenico Ferrari, P. Venkat Rangan and B. Sartirana

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-87-342
February 1987

http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/CSD-87-342.pdf

A mechanism for secure communication in large distributed systems is proposed. The mechanism, called Authenticated Datagram Protocol (ADP), provides message authentication and, optionally, privacy of data. ADP is a host-to-host datagram protocol, positioned below the transport layer; it uses public-key encryption to establish secure channels between hosts and to authenticate owners, and single-key encryption for communication over a channel and to ensure privacy of the messages. ADP is shown to satisfy the main security requirements of large distributed systems, to provide end-to-end security in spite of its relatively low level, and to exhibit several advantages over schemes in which security mechanisms are at a higher level. The results of a trace-driven measurement study of ADP performance show that its throughput and latency are acceptable even within the limitations of today's technology, provided single-key encryption-decryption can be done in hardware.

BibTeX citation:

@techreport{Anderson:CSD-87-342,
    Author = {Anderson, David P. and Ferrari, Domenico and Rangan, P. Venkat and Sartirana, B.},
    Title = {A Protocol for Secure Communication in Large Distributed Systems},
    Institution = {EECS Department, University of California, Berkeley},
    Year = {1987},
    Month = {Feb},
    URL = {http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/5362.html},
    Number = {UCB/CSD-87-342},
    Abstract = {A mechanism for secure communication in large distributed systems is proposed. The mechanism, called Authenticated Datagram Protocol (ADP), provides message authentication and, optionally, privacy of data. ADP is a host-to-host datagram protocol, positioned below the transport layer; it uses public-key encryption to establish secure channels between hosts and to authenticate owners, and single-key encryption for communication over a channel and to ensure privacy of the messages. ADP is shown to satisfy the main security requirements of large distributed systems, to provide end-to-end security in spite of its relatively low level, and to exhibit several advantages over schemes in which security mechanisms are at a higher level. The results of a trace-driven measurement study of ADP performance show that its throughput and latency are acceptable even within the limitations of today's technology, provided single-key encryption-decryption can be done in hardware.}
}

EndNote citation:

%0 Report
%A Anderson, David P.
%A Ferrari, Domenico
%A Rangan, P. Venkat
%A Sartirana, B.
%T A Protocol for Secure Communication in Large Distributed Systems
%I EECS Department, University of California, Berkeley
%D 1987
%@ UCB/CSD-87-342
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/5362.html
%F Anderson:CSD-87-342

EECS at UC Berkeley

Search form

A Protocol for Secure Communication in Large Distributed Systems

David P. Anderson, Domenico Ferrari, P. Venkat Rangan and B. Sartirana

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-87-342
February 1987

http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/CSD-87-342.pdf

A Protocol for Secure Communication in Large Distributed Systems

David P. Anderson, Domenico Ferrari, P. Venkat Rangan and B. Sartirana

EECS Department University of California, Berkeley Technical Report No. UCB/CSD-87-342 February 1987

http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/CSD-87-342.pdf

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-87-342
February 1987