| | |
Summary: Proof-Carrying Authentication
Andrew W. Appel and Edward W. Felten
Secure Internet Programming Laboratory
Department of Computer Science
Princeton University
Princeton, NJ 08544 USA
August 9, 1999
Abstract
We have designed and implemented a general
and powerful distributed authentication frame-
work based on higher-order logic. Authenti-
cation frameworks -- including Taos, SPKI,
SDSI, and X.509 -- have been explained using
logic. We show that by starting with the logic,
we can implement these frameworks, all in the
same concise and efficient system. Because our
logic has no decision procedure -- although
proof checking is simple -- users of the frame-
work must submit proofs with their requests.
1 Introduction
|
