A Protocol for Secure Communication in Large Distributed Systems
David P. Anderson and Domenico Ferrari and P. Venkat Rangan and B. Sartirana
EECS Department, University of California, Berkeley
Technical Report No. UCB/CSD-87-342, 1987
http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/CSD-87-342.pdf
A mechanism for secure communication in large distributed systems is proposed. The mechanism, called Authenticated Datagram Protocol (ADP), provides message authentication and, optionally, privacy of data. ADP is a host-to-host datagram protocol, positioned below the transport layer; it uses public-key encryption to establish secure channels between hosts and to authenticate owners, and single-key encryption for communication over a channel and to ensure privacy of the messages. ADP is shown to satisfy the main security requirements of large distributed systems, to provide end-to-end security in spite of its relatively low level, and to exhibit several advantages over schemes in which security mechanisms are at a higher level. The results of a trace-driven measurement study of ADP performance show that its throughput and latency are acceptable even within the limitations of today's technology, provided single-key encryption-decryption can be done in hardware.
BibTeX citation:
@techreport{Anderson:CSD-87-342,
    Author = {Anderson, David P. and Ferrari, Domenico and Rangan, P. Venkat and Sartirana, B.},
    Title = {A Protocol for Secure Communication in Large Distributed Systems},
    Year = {1987},
    Month = {Feb},
    Url = {http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/5362.html},
    Number = {UCB/CSD-87-342},
    Abstract = {A mechanism for secure communication in large distributed systems is proposed. The mechanism, called Authenticated Datagram Protocol (ADP), provides message authentication and, optionally, privacy of data. ADP is a host-to-host datagram protocol, positioned below the transport layer; it uses public-key encryption to establish secure channels between hosts and to authenticate owners, and single-key encryption for communication over a channel and to ensure privacy of the messages. ADP is shown to satisfy the main security requirements of large distributed systems, to provide end-to-end security in spite of its relatively low level, and to exhibit several advantages over schemes in which security mechanisms are at a higher level. The results of a trace-driven measurement study of ADP performance show that its throughput and latency are acceptable even within the limitations of today's technology, provided single-key encryption-decryption can be done in hardware.},
}
EndNote citation:
%0 Report
%A Anderson, David P.
%A Ferrari, Domenico
%A Rangan, P. Venkat
%A Sartirana, B.
%T A Protocol for Secure Communication in Large Distributed Systems
%I EECS Department, University of California, Berkeley
%D 1987
%@ UCB/CSD-87-342
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/1987/5362.html
%F Anderson:CSD-87-342