| Along with the rapid development of Internet,the position of network security is increasingly outstanding. Safety precautions of network should be contrapose all kinds of menace, then can insure the confidentiality, integrality, usability of the network information. As a kind of safety service -- the Identification of entity is more particular importance.In an exoteric distributed network environment, the customer on the work station hope visits to the network resources of distribute in the servers on. But the resources on the network only to the accessing of the particular power of the authorized client, therefore, in distributed network, must provide a kind of mechanism to authenticate Identification of client.Kerberos is three-side indentical protocol for TCP/ IP network designs according to the mode of Client/Server, It is widely used in the accessing the Internet and acts as the reliable arbitrator. Kerberos, which is based on symmetric key crytosystem, provides safe authentication to client. This thesis combines the Diffie-Hellman public key algorithm and analyzes the Man-in-the-middle-attack of Diffie-Hellman, with the purpose to improve the Kerberos protocol, solving the problem of that Kerberos uses the key of conversation to analyze and see the information from two communicating sides, which cannot be confirmed by examples.
|
PDF Full Text Request