Safely work from home with open source 2020/03/30

NGI0 grant for Software Heritage 2020/03/26

Hackers donate 90% of profit to charity 2019/06/13

NGI Zero awarded two EC research and innovation actions 2018/12/01

EC publishes study on Next Generation Internet 2025 2018/10/05




This project aims to implement the proposed TLS-KDH protocol into a production ready implementation. TLS-KDH is a design from Rick van Rein (ARPA2) that combines the benefits of Kerberos and Diffie-Hellman key exchange into a single unified solution that can be used to add additional security and flexibility to internet resources. Kerberos lends itself well to infrastructure-supported mutual authentication, and can even be used to crossover between realms. A downside of this infrastructure is that a crack of one key can lead to a cascade of reverse-engineered keys. Diffie-Hellman key exchange, nowadays primarily in its Elliptic-Curve variation, can be used to incorporate the desirable property of Forward Secrecy, but its vulnerability to man-in-the-middle attacks must then be overcome by cryptographically binding it to an authentication mechanism. The project will create a production quality implementation based on the open source GnuTLS codebase.

The ARPA2 project logo

ARPA2 is a coherent, longer term open source project thoughtfully engineering towards an overall architecture scalable to run the future internet that is secure by design. It brings together proven technologies, new insights and talented people to solve the hard challenges.

The TLS-KDH specification describes how Kerberos data structures can be used for TLS client authentication, by introducing a new certificate type for use with TLS. The server can choose to provide a Certificate with a traditional signing mechanism such as RSA for authentication, in which case this specification speaks of a KDH-enhanced exchange; even when presenting no server certificate at all, a client-side Kerberos ticket can be used for mutual authentication in what will then be called a KDH-only exchange. The KDH-enhanced variety uses existing CipherSuite, and KDH-only defines new CipherSuites. Both KDH-enhanced and KDH-only message flows are referred to as TLS- KDH.

Earlier work on TLS-KDH was funded with a joint subsidy from NLnet and the programme "[veilig] door innovatie" from the Netherlands government.

For a complete overview of other projects within ARPA2 visit the ARPA2 website.

TLS-KDH is supported by NLnet and the Internet Hardening Fund.


Send in your ideas.
Deadline June 1st, 2020.