Volume 19, Issue 1 (2008), pp. 3–16
The invention of public-key cryptography makes many new network applications, such as electronic commerce (CE), possible. However, the widely used Internet is open and unprotected. Therefore, verifying the legitimacy of an individual's public key is very important. Most of the key authentication schemes require one or more trustworthy authorities to authenticate the key of a user. Consequently, the system security is mainly dependent on the honesty of these third parties. Unfortunately, a security solution in wide area networks (for example, the Internet) often cannot be applied to local area networks directly without any modification. Sometimes, a complete rebuild is necessary, especially for performance criteria consideration. In this paper, we propose two simple key authentication schemes that require no certification authorities for computer systems in local area networks, in which a host is responsible for user authentication and it uses a designated password authentication mechanism.