
17 Dec 2003, 11:17 p.m.
For this to work, the public key has to be kept secret(!). ... As Greg points out, much the same could be accomplished simply by having the servers share secret 3DES keys with their users, each user having his own private 3DES key. The users could encrypt messages using their 3DES key and the server would decrypt using the appropriate key, which would also serve to authenticate the user.
The difference between this scheme and a shared-secret scheme (if I understand this scheme correctly) is that Arcot's infrastructure gives you non-repudiation -- the central server can't forge authenticated messages from you -- and so it's suitable for transactions of value in a way that a shared-secret scheme isn't.

Cheers,
William