This preview shows page 1. Sign up to view the full content.
Unformatted text preview: ent terminal that Alice trusts, but neither the host nor the communications path needs to be secure. Previous Table of Contents Next Products | Contact Us | About Us | Privacy | Ad Info | Home Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc. All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement. To access the contents, click the chapter and section titles. Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)
Brief Full Advanced Search Search Tips (Publisher: John Wiley & Sons, Inc.) Author(s): Bruce Schneier ISBN: 0471128457 Publication Date: 01/01/96 Search this book:
Go! Previous Table of Contents Next
----------- It is foolish to encrypt arbitrary strings—not only those sent by untrusted third parties, but under any circumstances at all. Attacks similar to the one discussed in Section 19.3 can be mounted. Secure proof-of-identity protocols take the following, more complicated, form: (1) Alice performs a computation based on some random numbers and her private key and sends the result to the host. (2) The host sends Alice a different random number. (3) Alice makes some computation based on the random numbers (both the ones she generated and the one she received from the host) and her private key, and sends the result to the host. (4) The host does some computation on the various numbers received from Alice and her public key to verify that she knows her private key. (5) If she does, her identity is verified. If Alice does not trust the host any more than the host trusts Alice, then Alice will require the host to prove its identity in the same manner. Step (1) might seem unnecessary and confusing, but it is required to prevent attacks against the protocol. Sections 21.1 and 21.2 mathematically describe several algorithms and protocols for proving identity. See also . Mutual Authentication Using the Interlock Protocol
Alice and Bob are two users who want to authentica...
View Full Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
- Fall '10