A necessary component of network security is the ability to reliably authenticate communication partners and other network entities.

For this reason we will start this chapter by discussing authentication protocols [1–19]. The focus will be on a systematic approach to the design of the protocols rather than describing a specific protocol used in practice. The following session will discuss the security architectures. Principles of key distribution will be covered in the third section, followed up by some specific solutions in ad hoc networks and sensor networks.

6.1 Authentication

Many designs dealing with authentication in networks or distributed systems combine the issues of authentication with those of key distribution. These designs typically assume that all network parties share a key with a common trusted entity, a key distribution center (KDC), from which they can get pairwise shared keys to carry out mutual authentication protocols. These protocols are called three party authentication protocols and have been studied extensively [5, 6, 10–12, 15, 16]. Most of the corresponding implementations [10] require the exchange of long messages, which is possible for application layer protocols, but makes them unsuitable for use in lower layer networking protocols where limited packet sizes are an important consideration. Some require synchronized clocks or counters [10] that pose system management and initialization issues, as will be discussed soon.

Two-party authentication ...