In this talk we first motivate and introduce the concept of a reusable security infrastructure. Such an infrastructure will be built using a small set of proven security technology primitives and will have a single set of administrative processes, policies, databases and user keys. This single infrastructure, once implemented, will provide multiple security functions such as authentication, digital signatures, key exchange and key escrow by protocol variations. We believe that such reusable security infrastructures are the only cost effective way of implementing security on large public networks like the Internet, or within large organizations.
Next we describe the Yaksha security system which is an example of such an infrastructure. Built using an RSA variant as a building block, the system can be used for digital signatures, key exchange and key escrow. It can also be used for authentication, and several authentication protocols are feasible within the infrastructure. We choose to describe an authentication protocol which is an extension of Kerberos. Significantly, it appears that breaking the Yaksha system is equivalent to breaking RSA.
The Yaksha system achieves more than just reuse, it provides significant improvements over the state of the art. Its method of achieving digital signatures allows for short user private keys, and provides real time revocation of compromised keys. The extension of Kerberos implemented using the infrastructure removes the vulnerability to catastrophic failure and dictionary attacks inherent in the original Kerberos specification. The method of key escrow Yaksha provides does not require an authority to ever learn a user’s long term private secrets and can be used for applications ranging from telephony to e-mail to file storage. Passwords are an important part of any security infrastructure, and we overview and point to some of our results on how to build strong password systems. Finally, we note that the fundamental primitives in the Yaksha infrastructure are powerful, and consequently a Yaksha infrastructure can be extended and reused in a myriad of ways.