em, but this has never been proved. Like Diffie-Hellman, this protocol allows Alice to initiate secure communication with Bob without knowing any of his keys. For Alice to use a public-key algorithm, she has to know his public key. With Shamir’s three-pass protocol, she just sends him a ciphertext message. The same thing with a public-key algorithm looks like:

(1) Alice asks Bob (or a KDC) for his public key.
(2) Bob (or the KDC) sends Alice his public key.
(3) Alice encrypts M with Bob’s public key and sends it to Bob.

Shamir’s three-pass protocol will fall to a man-in-the-middle attack.

22.4 COMSET
COMSET (COMmunications SETup) is a mutual identification and key exchange protocol developed for the RIPE project (see Section 25.7). Using public-key cryptography, it allows Alice and Bob to identify themselves to each other and also to exchange a secret key. The mathematical principle behind COMSET is Rabin’s scheme (see Section 19.5). The scheme itself was originally proposed in . See  for details.

22.5 Encrypted Key Exchange
The Encrypted Key Exchange (EKE) protocol was designed by Steve Bellovin and Michael Merritt . It provides security and authentication on computer networks, using both symmetric and public-key cryptography in a novel way: A shared secret key is used to encrypt a randomly generated public key.

The Basic EKE Protocol
Alice and Bob (two users, a user and the host, or whoever) share a common password, P. Using this protocol, they can authenticate each other and generate a common session key, K.

(1) Alice generates a random public-key/private-key key pair. She encrypts the public key, K´, using a symmetric algorithm and P as the key: EP(K´). She sends Bob
        A, EP(K´)
(2) Bob knows P. He decrypts the message to obtain K´. Then, he generates a random session key, K, and encrypts it with the public key he received from Alice and P as the key. He sends Alice
        EP(EK´(K))
(3) Alice decrypts the message to obtain K. She generates a random strin...
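
The message flow of steps (1) and (2), and Alice's decryption at the start of step (3), as an added example that is not code from the original text. It shows both sides of the exchange and what happens when the two passwords differ: no error is raised, the parties simply end up with different values of K. Assumptions not taken from the text: toy ElGamal over the prime 2^255 - 19 stands in for the public-key algorithm, a SHA-256 keystream XOR stands in for the symmetric cipher EP, and all function names are hypothetical; these stand-ins illustrate the flow and are not a secure instantiation.

```python
import hashlib
import secrets

# Assumed stand-in parameters (not from the text): toy ElGamal group.
P_MOD = 2**255 - 19   # prime modulus
G = 2                 # base

def e_p(password: str, data: bytes, label: bytes) -> bytes:
    """Stand-in for EP and DP: XOR with a password-derived keystream.
    A distinct label per message keeps the two keystreams different."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        block = password.encode() + label + bytes([counter])
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def alice_step1(password: str):
    """Step (1): random key pair; send A, EP(K')."""
    x = secrets.randbelow(P_MOD - 2) + 1              # private key
    k_pub = pow(G, x, P_MOD)                          # public key K'
    return x, ("A", e_p(password, k_pub.to_bytes(32, "big"), b"msg1"))

def bob_step2(password: str, msg1):
    """Step (2): recover K', pick session key K, send EP(EK'(K))."""
    _, blob = msg1
    k_pub = int.from_bytes(e_p(password, blob, b"msg1"), "big")
    k = secrets.randbelow(2**128)                     # session key K
    y = secrets.randbelow(P_MOD - 2) + 1              # ElGamal ephemeral
    c1 = pow(G, y, P_MOD)
    c2 = (k * pow(k_pub, y, P_MOD)) % P_MOD           # EK'(K) = (c1, c2)
    inner = c1.to_bytes(32, "big") + c2.to_bytes(32, "big")
    return k, e_p(password, inner, b"msg2")

def alice_step3(password: str, x: int, msg2: bytes) -> int:
    """Start of step (3): strip EP, then decrypt with the private key."""
    inner = e_p(password, msg2, b"msg2")
    c1 = int.from_bytes(inner[:32], "big")
    c2 = int.from_bytes(inner[32:], "big")
    # c1^(p-1-x) equals c1^(-x) mod p, which removes the ElGamal mask
    return (c2 * pow(c1, P_MOD - 1 - x, P_MOD)) % P_MOD

def run_exchange(alice_password: str, bob_password: str):
    """Return (K as Alice computes it, K as Bob chose it)."""
    x, msg1 = alice_step1(alice_password)
    k_bob, msg2 = bob_step2(bob_password, msg1)
    return alice_step3(alice_password, x, msg2), k_bob
```

With matching passwords `run_exchange` returns two equal values; with different passwords the values differ and neither side can tell from these messages alone.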