Secure RPC (AUTH_DES)
In the late 1980s, Sun Microsystems developed a system for improving Unix network security. Called Secure RPC, Sun’s system was first released with the SunOS 4.0 operating system. Although early versions of Secure RPC were difficult to use, later releases of the Solaris operating system have integrated Secure RPC into Sun’s NIS+ network information system (described in Chapter 14), which makes administration very simple.
Secure RPC is based on a combination of public key cryptography and secret key cryptography (see Chapter 7). Sun’s implementation uses the Diffie-Hellman mechanism for key exchange between users and DES secret key cryptography for encrypting information that is sent over the network. DES is also used to encrypt the user’s secret key that is stored in a central network server. This encryption eliminates the need for users to memorize or carry around the hundred-digit numbers that make up their secret keys.
Secure RPC solves many of the problems of AUTH_UNIX-style authentication. Because both users and computers must be authenticated, it eliminates many of the spoofing problems to which other systems lend themselves. Indeed, when used with higher-level protocols, such as NFS, Secure RPC can bring unprecedented security to the networked environment. Nevertheless, Secure RPC has not enjoyed the widespread adoption that Sun’s original RPC did. There are probably several reasons for this:
Free implementations of Secure RPC were not quickly forthcoming. ...
Get Practical UNIX and Internet Security, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.