Encryption-Based Authentication in Large Networks: Needham-Schroeder Protocol Proposal, Study notes of Computer Science

Download Encryption-Based Authentication in Large Networks: Needham-Schroeder Protocol Proposal and more Study notes Computer Science in PDF only on Docsity!

Using Encryption for

Authentication in Large

Networks of

Computers

Roger M. Needham and Michael D. Schroeder

Definitions: Authentication: verifying the identity of the communicating principals Why not just use passwords for authentication? Public key: Two keys are necessary. One for encryption and one for decryption. The knowledge of one key gives no help in finding the other. The two keys will act as inverses for one another. Conventional: Shared Key, that is private.

Contribution (cont.):

From the introduction:

We present protocols for decentralized authentication in such a network that are integrated with the allied subject of naming. Three functions are discussed: (1) Establishment of authenticated interactive communication between two principals on different machines. By interactive communication we mean a series of messages in either direction, typically each in response to a previous one. (2) Authenticated one-way communication, such as is found in mail systems, where it is impossible to require protocol exchanges between the sender and the recipient while sending an item, since there can be no guarantee that sender and recipient are simultaneously available. (3) Signed communications, in which the origin of a communication and the integrity of the content can be authenticated to a third party.

Assumptions:

• Feasible for each computer in the network to encrypt

and decrypt material efficiently with arbitrary keys

• Keys are not readily discoverable by an exhaustive

search or cryptanalysis

Intruder can interpose a computer in all communication

paths, which means:

• replay messages
• alter or copy parts of the message
• emit false material