INTEGRITY AND PRIVACY IN AUTHENTICATED KEY EXCHANGE PROTOCOL FOR PARALLEL NETWORK FILE SYSTEM

The problem of key establishment for secure many-to-many intercommunications is inspired because of proliferation/spread of large distributed file systems supporting parallel access to several storage devices. The current Internet standard is main focusing area for such file systems, which use Kerberos to establish parallel session keys between clients and storage devices. After reviewing of the existing Kerberos-based protocol shows that it has a number of limitations: (i) a metadata server providing key exchange between the clients and the storage devises (ii) the protocol does not provide forward secrecy for communication (iii) the metadata server generates, all the session keys that are used between the storage devices and clients and this inherently leads to key escrow. Key exchange protocols that are propose to address above mentioned/described issues. We show that this protocol is capable of reducing up to approximately more than 50% of the workload of the metadata server and concurrently supporting escrow-freeness and Forward secrecy. This requires only a small fraction of raised computation overhead at the user.