Skip to Main Content
The authors present Ladon, an enhanced version of Kerberos which extends the original protocol with authorisation capacity and relaxes the necessity of clock synchronisation by adding to the protocol special limited-lifetime nonces. This way, although all entities need timers, only the clocks of the two servers that constitute the key distribution centre must be synchronised with each other. The design of this protocol is motivated by the emergence of a new trend of applications in which sensors and low-capacity devices become tiny information or application servers directly addressable by any Internet-connected entity. Despite the huge potential of these environments, security is probably the greatest barrier to their long-term success. To address this issue, Ladon allows for end-to-end pair-wise key establishment in an authenticated and authorised manner, while keeping the introduced storage, computational and communication overhead very low. The security analysis with the AVISPA formal validation tool shows that the protocol meets the stated security goals, whereas the performance analysis shows that the overhead of the protocol is bounded and comparable to that of other security protocols which provide even less functionalities.