CHAPTER 9

Authentication and Encryption

The advent of packet-routed networks and the necessity of sharing transport channels has increased the need for authentication and encryption. The more robust we make the authentication and encryption process, the more value we confer. However, the cost of robust authentication and encryption is an increase in overhead, in terms of processor bandwidth, processing delay, and memory/code footprint. Authentication can be compromised by delay and delay variability, particularly when time-sensitive challenge/response algorithms are used. Network quality and authentication and encryption integrity are therefore intimately related.

This chapter addresses these issues in depth. It also presents several sections of working examples—known dilemmas and possible solutions.

The Interrelated Nature of Authentication and Encryption

Authentication is needed to identify people and devices. It provides people or devices with the authority to access delivery or memory bandwidth—including the right to deposit information in and retrieve information from secure storage. It provides people or devices with the authority to change network parameters—for instance, software upgrades or hardware reconfiguration. It also provides people or devices with the authority to change handset parameters—software upgrades or hardware reconfigurations.

Authentication may be used for:

• Identification and the enforcement of access rights and security policies
• Content distribution ...