A Methodology for Analyzing the Performance of Authentication Protocols

ACM Transactions on Information and System Security

Volumn 5, Issue 4, 2002, Pages 458-491

  Harbitter, Alan ^a   Menascé, Daniel A ^b  

^a PEC Solutions Inc   (United States)

^b GEORGE MASON UNIVERSITY   (United States)

Author keywords

Authentication; Design; Kerberos; Measurement; mobile computing; Performance; performance modeling; proxy servers; public key cryptography; Security

Indexed keywords

EID: 12844277408     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/581271.581275     Document Type: Article

References (34)

1. Alanko, T., Kojo, M., Laamanen, H., Liljeberg, M., Moilanen, M., Raatikainen, K., 1994. Measured performance of data transmission over cellular telephone networks. Department of Computer Science, Report C-1994,-53. University of Helsinki, Helsinki, Finland. November.
2. Apostolopoulos, G., Peris, V., Saha, D., 1999. Transport layer security: How much does it really cost? In Proceedings of IEEE INFOCOM'99 (New York, New York, March). IEEE Computer Society Press, Los Alamitos, Calif., pp. 717-725.
3. Ashely, P., Broom, B., 1997. A survey of secure multi-domain distributed architectures. Faculty of Information Technology, Queensland University of Technology, Queensland, Australia.
4. Bassham, L. E., 1999. Efficiency testing of ANSI C implementations of round 1 candidate algorithms for the advanced encryption standard. Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology.
5. Blaze, M., 1996.High-Bandwidth Encryption with Low-Bandwidth Smartcards. D. Gollman, ed. Lecture Notes in Computer Science, vol. 1039. Springer-Verlag, Cambridge, UK, 33-40.
6. Bruell, S. C., Balbo, G., 1980.Computational Algorithms for Closed Queueing Networks. Elsevier North Holland, Inc., New York, NY.
7. Burrows, M., Abadi, M., Needham, R., 1990. A logic of authentication.ACM Trans. Comput. Syst. 8, 1, 18-36.
8. Cristian, F., 1995. Exception handling and tolerance of software faults. In Software Fault Tolerance, M. R. LYU, ed. Wiley, Chichester, UK, 81-107.
9. El-Hadidi, M. T., Hegazi, N. H., Aslan, H. K., 1999. Performance evaluation of a new hybrid encryption protocol for authentication and key distribution. In Proceedings of the 4th IEEE International Symposium on Computers and Communications (Red Sea, Egypt, July). IEEE Computer Society Press, Los Alamitos, Calif.
10. Fox, A., Gribble, S. D., 1996. Security on the move: Indirect authentication using Kerberos. In Proceedings of the 2nd Annual International Conference on Mobile Computing and Networking (Rye, New York, Nov.). ACM, New York, 155-163.
11. Gross, D., Harris, C. M., 1998.Fundamentals of Queueing Theory. Third ed. Wiley, New York.
12. Harbitter, A., Menasce, D. A., 2001a. Performance of public key-enabled Kerberos authentication in large networks. In Proceedings of 2001 IEEE Symposium on Security and Privacy (Oakland, Calif., May). IEEE Computer Society, Los Alamitos, Calif., 170-183.
13. Harbitter, A., Menasce, D. A., 2001b. The performance of public key-enabled Kerberos authentication in mobile computing applications. In Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS-8) (Philadelphia, Penn., Nov.). ACM New York, 78-85.
14. Khare,R. 1999. W. effect considered harmful, 4K Associates. IEEE Internet Comput (July-Aug.), 89-92.
15. Lambert, P., 1998. Elliptic curve cryptography delivers high performance and security for e-commerce.Comput. Sec. J. XIV, 4, 23-29.
16. Liljebeg, M., Helin, H., Kojo, M., Raatikainen, K., 1996. Mowgli WWW software: Improved usability of WWW in mobile WAN environments. In Proceedings of IEEE GLOBECOM '96 (Westminster, London, England, Nov.), IEEE Computer Society Press, Los Alamitos, Calif., 33-37.
17. Martinka, J. J., Friedrich, R. J., Friedenbach, P. M., Sienknecht, T. F., 1993. A performance study of DCE 1.0.1 cell directory service: Implications for application and tool programmers.Networked Systems Architecture, Hewlett-Packard. International Workshop OSF DCE, Karlsruhe, Germany, Oct.
18. Medvinsky, A., Hur, M., Neuman, C., 1997. Public key utilizing tickets for application servers (PKTAPP). www.ietf.org,http://www.ietf.org/internet-drafts/draft-ietf-cat-kerberos-pk-tapp-03.txt.
19. Menasce, D. A., Almeida, V. A. F., 2000.Scaling for E-Business: Technologies, Models, Performance, and Capacity Planning. Prentice-Hall, Upper Saddle River, N.J.
20. Menasce, D. A., Almeida, V. A. F., 2002.Capacity Planning for Web Services: Metrics, Models, and Methods. Prentice-Hall, Upper Saddle River, N.J.
21. METRICOM 2001.Ricochet Security Whitepaper, Apr. Metricom, Inc.
22. Needham, R. M., Schroeder, M. D., 1978. Using encryption for authentication in large networks of computers.Commun. ACM 21, 993-999.
23. Neuman, B., Ts'O, T., 1994. Kerberos: An authentication service for computer networks.IEEE Commun. Magazine 32, 9, 33-38.
24. Orozco-Barbosa, L., Serrano, L., Quiroz, E., 1998. Performance evaluation of the IS-41 security mechanisms in a PCS supporting intelligent network services. In Proceedings of IEEE IN'98 Workshop (Bordeaux, France, May). IEEE Computer Society Press, Los Alamitos, Calif., 142-154.
25. Schweitzer, P. J., 1991. A survey of mean value analysis, its generalizations, and applications, for networks of queues. William I. Simon Graduate School of Business Administration, University of Rochester, Rochester, N.Y.
26. Sibbu, M. A., Chuang, J.C.-I., 1997. Distributed authentication in Kerberos using public key cryptography. In Proceedings of Symposium on Network and Distributed System Security (San Diego, Calif., Feb.), IEEE Computer Society Press, Los Alamitos, Calif.
27. Stallings, W., 1994. Kerberos keeps the enterprise secure. In Data Communications, 103-111.
28. Stevens, W. R., 1999.TCP/IP Illustrated, vol. 1. Addison-Wesley, Reading, Mass.
29. Swift, M., Trostle, J., Aboba, B., Zorn, G., 2001. Initial and padd through authentication using Kerberos V5 and the GSS-API (IAKERB), IETF.
30. Tung, B., Ryutov, T., Neuman, C., Tsudik, G., Sommerfield, W., Medvinsky, A., Hub, M., 1998. Public key cryptography for cross-realm authentication in Kerberos.
31. Tung, B., Neuman, C., Hub, M., Medvinsky, A., Medvinsky, S., Wray, J., Trostle, J., 2001. Public key cryptography for initial authentication in Kerberos.
32. Xylomenos, G., Polyzos, G. C., 1999. Internet protocol performance over networks with wireless links.IEEENetw. 13, 4, 55-63.
33. Zenel, B., 1999. A general purpose proxy filtering mechanism applied to the mobile environment. Wireless Netw. 5, 391-409.
34. Zorkadis, V., 1994. Security versus performance requirements in data communications systems. D. Gollman, ed. In Proceedings of Computer Security-ESORICS 94 (Brighton, U.K., Nov.) 19-30.