Alice wants to communicate with Bob. First she goes to a database and obtains what is called a certification path from Alice to Bob, and Bob’s public key. At this point Alice can initiate either a one-way, two-way, or three-way authentication protocol.

The one-way protocol is a single communication from Alice to Bob. It establishes the identities of both Alice and Bob and the integrity of any information communicated by Alice to Bob. It also prevents any replay attacks on the communication.

The two-way protocol adds a reply from Bob. It establishes that Bob, and not an imposter, sent the reply. It also establishes the secrecy of both communications and prevents replay attacks.

Both the one-way and two-way protocols use timestamps. A three-way protocol adds another message from Alice to Bob and obviates the need for timestamps (and therefore authenticated time).

The one-way protocol is:

(1) Alice generates a random number, RA.
(2) Alice constructs a message, M = (TA, RA, IB, d), where TA is Alice’s timestamp, IB is Bob’s identity, and d is an arbitrary piece of data. The data may be encrypted with Bob’s public key, EB, for security.
(3) Alice sends (CA, DA(M)) to Bob. (CA is Alice’s certificate; DA is Alice’s private key.)
(4) Bob verifies CA and obtains EA. He makes sure these keys have not expired. (EA is Alice’s public key.)
(5) Bob uses EA to decrypt DA(M). This verifies both Alice’s signature and the integrity of the signed information.
(6) Bob checks the IB in M for accuracy.
(7) Bob checks the TA in M and confirms that the message is current.
(8) As an option, Bob can check RA in M against a database of old random numbers to ensure the message is not an old one being replayed.

The two-way protocol consists of the one-way protocol and then a similar one-way protocol from Bob to Alice. After executing steps (1) through (8) of the one-way protocol, the two-way protocol continues with:

(9) Bob generates another random number, RB.
(10) Bob constructs a message M’ = (TB, RB, IA, RA, d), where TB is Bob’s timestamp, IA is...
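The one-way protocol, steps (1) through (8), as an added example in Go that is not part of the original text: Ed25519 stands in for Alice's key pair (DA, EA), a plain struct stands in for the certificate CA, and JSON is a constructed stand-in encoding. It assumes the issuing CA's signature check on CA, the optional encryption of d under EB, and X.509's real ASN.1 syntax are out of scope; the `seen` map plays the role of Bob's database of old random numbers from step (8).

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
)
// Message is M = (TA, RA, IB, d) from step (2); JSON is a constructed stand-in for X.509's ASN.1 encoding.
type Message struct {
	TA int64  `json:"ta"` // Alice's timestamp, Unix seconds
	RA []byte `json:"ra"` // Alice's random number
	IB string `json:"ib"` // Bob's identity
	D  string `json:"d"`  // arbitrary data (sent in the clear; the text's encryption under EB is optional)
}
// Cert stands in for CA: EA and its expiry (Unix seconds); checking the issuing CA's signature is out of scope here.
type Cert struct {
	Pub     ed25519.PublicKey
	Expires int64
}
// AliceSend performs steps (1)-(3) and returns M and DA(M); together with CA these form the one-way message.
func AliceSend(priv ed25519.PrivateKey, ib, d string, now int64) (m, sig []byte) {
	ra := make([]byte, 16)
	rand.Read(ra)                                               // (1) crypto/rand; documented never to fail since Go 1.24
	m, _ = json.Marshal(Message{TA: now, RA: ra, IB: ib, D: d}) // (2) Marshal cannot fail for this struct
	return m, ed25519.Sign(priv, m)                             // (3) DA(M): Alice's signature over M
}
// BobVerify performs steps (4)-(8); window is the allowed clock skew in seconds, seen is Bob's database of old RAs.
func BobVerify(cert Cert, m, sig []byte, myID string, now, window int64, seen map[string]bool) (msg Message, err error) {
	if now > cert.Expires { // (4) EA must not have expired
		return msg, errors.New("certificate expired")
	}
	if !ed25519.Verify(cert.Pub, m, sig) { // (5) proves Alice signed M and that M is intact
		return msg, errors.New("signature invalid")
	}
	if err = json.Unmarshal(m, &msg); err != nil { // parse only after the signature checks out
		return msg, err
	}
	if msg.IB != myID { // (6) M must name Bob; a message meant for someone else is rejected
		return msg, errors.New("message not addressed to me")
	}
	if skew := now - msg.TA; skew < -window || skew > window { // (7) TA must be current
		return msg, errors.New("timestamp outside freshness window")
	}
	if seen[string(msg.RA)] { // (8) a repeated RA means an old message is being replayed
		return msg, errors.New("random number already seen")
	}
	seen[string(msg.RA)] = true // remember RA so this message cannot be accepted twice
	return msg, nil
}
```

Bob must share one `seen` map across all calls for step (8) to catch a replay; a fresh map per call silently disables the check.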
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.