This preview shows page 1. Sign up to view the full content.
Unformatted text preview: ssion key. Previous Table of Contents Next Products  Contact Us  About Us  Privacy  Ad Info  Home Use of this site is subject to certain Terms & Conditions, Copyright © 19962000 EarthWeb Inc. All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement. To access the contents, click the chapter and section titles. Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)
Go!
Keyword
Brief Full Advanced Search Search Tips (Publisher: John Wiley & Sons, Inc.) Author(s): Bruce Schneier ISBN: 0471128457 Publication Date: 01/01/96 Search this book:
Go! Previous Table of Contents Next
 Here’s how it works. As usual, Alice and Bob want to authenticate each other and generate a common key. They agree on some digital signature scheme where any number can serve as the private key, and where the public key is derived from the private key, rather than being generated along with it. The ElGamal and DSA algorithms work well for this. Alice’s password P (or perhaps some simple hash of it) will serve as the private key and as P´. (1) Alice picks her random exponent Ra and transmits EP´(gRA mod n) (2) Bob, who knows only P´ and cannot derive P from it, chooses Rb and sends EP´(gRA mod n) (3) Both Alice and Bob calculate the shared session key K = grA*rB mod n. Finally, Alice proves that she knows P itself, and not just P´, by sending EK(SP(K)) Bob, who knows both K and P´, can decrypt and validate the signature. Only Alice could have sent this message, since only she knows P; an intruder who obtains a copy of Bob’s password file can try guessing at P, but cannot otherwise sign the session key. The AEKE scheme does not work with the publickey variant of EKE, since in it one party chooses the session key and imposes it on the other. This permits a maninthemiddle attack by an attacker who has captured P´. A...
View
Full
Document
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details