Author(s): Detlef Hühnlein

Download: Paper (PDF)

Date: 11 Mar 1998

Document Type: Presentations

Additional Documents: Slides

Associated Event: NDSS Symposium 1998


The GSS-API [20, 21] offers security services indepen- dent of underlying mechanisms. A possible GSS-mechanism is the Simple Public Key Mechanism (SPKM) specified in [1]. In this paper we will focus on the credential manage- ment for SPKM. If more than one connection is needed, the standard credential management requires either to cache the secret keys in insecure storage or to make the user en- tering a password to access the long term secret keys for every new GSS-connection. For environments in which nei- ther one is acceptable we propose a Secure Single Login (SSLogin) variant which works with temporary asymmetric keys and combines security and user comfort.