OSF DCE Application Development Guide--Core Components

DCE Security Service

9. The Security runtime encrypts the random number using the fourth conversation

key, which the Authentication Service gave it for the purpose of talking to the

application server. The RPC runtime sends the encrypted random number and

the server ticket to the application server.

10. The Security runtime decrypts the ticket using its secret key, in the process

learning the conversation key and the client’s authorization. It uses the

conversation key to decrypt the number sent by the client. Since the number is

the same random number that the server sent previously, the runtime concludes

that the client knows the conversation key, and therefore that the client’s identity

is authentic.

23−20 Tandem Computers Incorporated 124245