The performance analysis of public key cryptography-based authentication

Abstract

Several Kerberos-based authentication techniques using public-key cryptography have been proposed. Publickey cryptography can be used to eliminate a single point failure problem in the Key Distribution Center (KDC) and achieve better scalability. Public Key Cryptography for Cross-Realm Authentication in Kerberos (PKCROSS) and Public Key Utilizing Tickets for Application Servers (PKTAPP, a.k.a. KX.509/KCA) are considered two notable techniques. The latter was suggested to improve the former, but their actual computational and communication times have been poorly understood. This paper first presents a thorough performance evaluation of the two protocols based on analytical analysis and queueing network models. As shown, PKTAPP does not scale better than PKCROSS. Then, this paper gives a new public key cryptographybased group authentication technique. We show that the new technique can achieve better scalability than PKCORSS and PKTAPP and our performance methodology is effective. Received on 12 January 2018; accepted on 16 January 2018; published on 15 May 2018