Pv. Rangan, TRUST REQUIREMENTS AND PERFORMANCE OF A FAST SUBTRANSPORT-LEVEL PROTOCOL FOR SECURE COMMUNICATION, IEEE transactions on software engineering, 19(2), 1993, pp. 181-186
Computing systems are evolving into very large global networks that interconnect competing individuals, organizations, and even countries. We present a secure network protocol called Authenticated Datagram Protocol (ADP) that optimizes performance by establishing host-to-host secure channels and building agent-to-agent channels on top of host-to-host channels. However, the performance advantages of ADP come with an accompanying set of trust requirements that are noticeably stringent for a network spanning mutually distrustful organizations. We identify the cause for this stringency to be propagation of trust relationships in ADP and present methods to break their propagation, thereby accomplishing a significant reduction in ADP's trust requirements. ADP, being a protocol for establishing host-to-host channels, can be handled at the subtransport level of the protocol hierarchy. A prototype of ADP has been implemented on Sun workstations connected by an Ethernet. Experimental measurements confirm that both the average latency of messages and the maximum throughput are substantially better than other secure protocols.