David P. Anderson, Domenico Ferrari, P. Venkat Rangan and B. Sartirana
EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-87-342
February 1987
http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/CSD-87-342.pdf
A mechanism for secure communication in large distributed systems is proposed. The mechanism, called Authenticated Datagram Protocol (ADP), provides message authentication and, optionally, privacy of data. ADP is a host-to-host datagram protocol, positioned below the transport layer; it uses public-key encryption to establish secure channels between hosts and to authenticate owners, and single-key encryption for communication over a channel and to ensure privacy of the messages. ADP is shown to satisfy the main security requirements of large distributed systems, to provide end-to-end security in spite of its relatively low level, and to exhibit several advantages over schemes in which security mechanisms are at a higher level. The results of a trace-driven measurement study of ADP performance show that its throughput and latency are acceptable even within the limitations of today's technology, provided single-key encryption-decryption can be done in hardware.
BibTeX citation:
@techreport{Anderson:CSD-87-342,
    Author = {Anderson, David P. and Ferrari, Domenico and Rangan, P. Venkat and Sartirana, B.},
    Title = {A Protocol for Secure Communication in Large Distributed Systems},
    Institution = {EECS Department, University of California, Berkeley},
    Year = {1987},
    Month = {Feb},
    URL = {http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/5362.html},
    Number = {UCB/CSD-87-342},
    Abstract = {A mechanism for secure communication in large distributed systems is proposed. The mechanism, called Authenticated Datagram Protocol (ADP), provides message authentication and, optionally, privacy of data. ADP is a host-to-host datagram protocol, positioned below the transport layer; it uses public-key encryption to establish secure channels between hosts and to authenticate owners, and single-key encryption for communication over a channel and to ensure privacy of the messages. ADP is shown to satisfy the main security requirements of large distributed systems, to provide end-to-end security in spite of its relatively low level, and to exhibit several advantages over schemes in which security mechanisms are at a higher level. The results of a trace-driven measurement study of ADP performance show that its throughput and latency are acceptable even within the limitations of today's technology, provided single-key encryption-decryption can be done in hardware.}
}
EndNote citation:
%0 Report
%A Anderson, David P.
%A Ferrari, Domenico
%A Rangan, P. Venkat
%A Sartirana, B.
%T A Protocol for Secure Communication in Large Distributed Systems
%I EECS Department, University of California, Berkeley
%D 1987
%@ UCB/CSD-87-342
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/5362.html
%F Anderson:CSD-87-342