Send in your ideas. Deadline October 1, 2024
Theme fund: NGI0 PET
Start: 2019-04
End: 2022-10
More projects like this
Software engineering

TLS-KDH mbed

Implement TLS-KDH into mbed

TLS-KDH ( is a mechanism that adds Kerberos authentication to the Transport Layer Security (TLS) network protocol. TLS-KDH is developed under the flag of ARPA2 ( and is formalized in the form of a draft Internet specification. Furthermore, a successful prototype implementation has been built and integrated into GnuTLS. Making this prototype code production ready is well underway and in its final stage.

In order for TLS-KDH to become an Internet Standard the IETF requires at least two working implementations. To provide the IETF with two TLS-KDH implementations and to address the embedded world with a TLS-KDH capable TLS library we chose MbedTLS as our second library. The TLS-KDH mbed project's goal is to implement the TLS-KDH functionality in the MbedTLS library.

But why do we want to implement Kerberos authentication in the first place? Well first of all, the Kerberos protocol is quantum computer proof. That means that we can use this mechanism in the (future) presence of quantum computers. Since TLS is one of the most widely used security protocols on the present Internet having such mechanism would be a welcome addition. Secondly, Kerberos employs a centralized architecture as opposed to X.509 which is distributed. Adding TLS-KDH gives the user a choice which architecture (and implied pros and cons) to use. For a more extensive overview of advantages of TLS-KDH we refer to the project's homepage (

Why does this actually matter to end users?

Imagine you would work in an organisation with thousands of employees, like a government. It would be important to properly manage who gets to access which computer systems. A large part of this would need to happen automatically: if you want to print out a document on an printer in the hallway, or visit the intranet to view the menu, you do not want users to have to log in every time. Luckily, people have worked out powerful mechanisms that allow you to log in when you get in the office in the morning, and which will negotiate everything else automatically without bothering the user.

Now think about the internet. That is much much larger and way complex than a single organisation. And yet it does not have any mechanism to manage who gets to access which computer systems. So we do have to log in every time. And users are very bothered by this. The ARPA2 project has successfully produced a working solution (called TLS-KDH, hence the name of the project). This is a very creative and for some unexpected combination of a number of robust proven technologies that can together deliver a highly secure and extremely fast mechanism to authenticate users. It also offers anonymous encryption of a connection before revealing identities of clients and servers.

The ARPA2 community is now aiming for IETF standardisation of this technology. In order to make this possible, it needs an independent second implementation of the new protocol. The project will deliver this implementation, in a popular open source library aimed at embedded systems. Combined with work on peer-to-peer mechanisms, this will potentially allow devices to securely discover and connect to each other.

Logo NLnet: abstract logo of four people seen from above Logo NGI Zero: letterlogo shaped like a tag

This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.