This preview shows page 1. Sign up to view the full content.
Unformatted text preview: em, but this has never been proved. Like DiffieHellman, this protocol allows Alice to initiate secure communication with Bob without knowing any of his keys. For Alice to use a publickey algorithm, she has to know his public key. With Shamir’s threepass protocol, she just sends him a ciphertext message. The same thing with a publickey algorithm looks like: (1) Alice asks Bob (or a KDC) for his public key. (2) Bob (or the KDC) sends Alice his public key. (3) Alice encrypts M with Bob’s public key and sends it to Bob. Shamir’s threepass protocol will fall to a maninthemiddle attack. 22.4 COMSET
COMSET (COMmunications SETup) is a mutual identification and key exchange protocol developed for the RIPE project [1305] (see Section 25.7). Using publickey cryptography, it allows Alice and Bob to identify themselves to each other and also to exchange a secret key. The mathematical principle behind COMSET is Rabin’s scheme [1283] (see Section 19.5). The scheme itself was originally proposed in [224]. See [1305] for details. 22.5 Encrypted Key Exchange
The Encrypted Key Exchange (EKE) protocol was designed by Steve Bellovin and Michael Merritt [109]. It provides security and authentication on computer networks, using both symmetric and publickey cryptography in a novel way: A shared secret key is used to encrypt a randomly generated public key. The Basic EKE Protocol
Alice and Bob (two users, a user and the host, or whoever) share a common password, P. Using this protocol, they can authenticate each other and generate a common session key, K. (1) Alice generates a random publickey/privatekey key pair. She encrypts the public key, K´, using a symmetric algorithm and P as the key: Ep(K´). She sends Bob A, EP(K´) (2) Bob knows P. He decrypts the message to obtain K´. Then, he generates a random session key, K, and encrypts it with the public key he received from Alice and P as the key. He sends Alice EP(EK´(K)) (3) Alice decrypts the message to obtain K. She generates a random strin...
View Full
Document
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details