Security protocols
Jump to navigation
Jump to search
References
- Handbook of applied cryptography
- ! this book is not always up-to-date ! Some protocols might be broken today (eg. Needham-Schroeder public-key protocol)
Authentication Protocol
using symmetric crypto
using public-key crypto - encrytion
Needham-Schroeder-Lowe protocol (NSL)
References: [1]
- Vulnerable to MiTM attack — use the NSL variant!
The protocol:
A --> B: P_B(k_1,A) A <== B: P_A(k_1,k_2) A --> B: P_B(k_2)
The MiTM attack (via relay):
- If E can persuade A to start a session with him, he can relay to B and convince B that he is communicating with A.
A --> E : P_E(k_1,A) E --> B: P_B(k_1,A) A <== E <== B: P_A(k_1,k_2) # E simply relays B's nonce back to A A --> E : P_E(k_2) # E learns k_2 from A's message E --> B: P_B(k_2) # ... and forwards it to B with B public key
Needham-Schroeder-Lowe protocol (NSL)
References: [2], hac, chap 12, §12.38
- Don't confuse with the symmetric variant (used in Kerberos).
- Original version (NS protocol) broken — use this variant instead.
The protocol:
A --> B: P_B(k_1,A) A <== B: P_A(k_1,k_2,B) A --> B: P_B(k_2)