The term Needham–Schroeder protocol can refer to one of the two key transport protocols intended for use over an insecure network, both proposed by Roger Needham and Michael Schroeder. These are:
* The ''Needham–Schroeder Symmetric Key Protocol'' is based on a symmetric encryption algorithm. It forms the basis for the Kerberos protocol. This protocol aims to establish a session key between two parties on a network, typically to protect further communication.
* The ''Needham–Schroeder Public-Key Protocol'', based on public-key cryptography. This protocol is intended to provide mutual authentication between two parties communicating on a network, but in its proposed form is insecure.

==The symmetric protocol==
Here, Alice (A) initiates the communication to Bob (B). S is a server trusted by both parties. In the communication:
* A and B are identities of Alice and Bob respectively
* KAS is a symmetric key known only to A and S
* KBS is a symmetric key known only to B and S
* NA and NB are nonces generated by A and B respectively
* KAB is a symmetric, generated key, which will be the session key of the session between A and B

The protocol can be specified as follows in security protocol notation:
:Alice sends a message to the server identifying herself and Bob, telling the server she wants to communicate with Bob.
:and sends back to Alice a copy encrypted under to show that he has the key.
:Alice performs a simple operation on the nonce, re-encrypts it and sends it back verifying that she is still alive and that she holds the key.

Excerpt source: Wikipedia, the free encyclopedia
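The symmetric-key exchange described above, simulated in one process as an added example (not part of the original article). The five-message layout in the comments follows the standard published description of the protocol; the names seal, unseal, server_reply and run_exchange are hypothetical, and the HMAC-based cipher is a standard-library stand-in for a real authenticated cipher.

```python
# Added illustration: Needham-Schroeder symmetric-key exchange in one process.
# seal()/unseal() are a stand-in authenticated cipher, not production crypto.
import hashlib, hmac, json, secrets

def _stream(key, iv, n):
    """HMAC-SHA256 in counter mode, used as a keystream (stand-in cipher)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    """Encrypt-then-MAC a JSON-serialisable object under key; returns hex."""
    pt = json.dumps(obj).encode()
    iv = secrets.token_bytes(16)
    ct = bytes(x ^ y for x, y in zip(pt, _stream(key, iv, len(pt))))
    return (iv + ct + hmac.new(key, b"mac" + iv + ct, hashlib.sha256).digest()).hex()

def unseal(key, blob):
    """Verify the MAC, then decrypt; raises ValueError on a wrong key or tampering."""
    raw = bytes.fromhex(blob)
    iv, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    good = hmac.new(key, b"mac" + iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(x ^ y for x, y in zip(ct, _stream(key, iv, len(ct)))))

def server_reply(keys, a, b, n_a):
    """S mints KAB and returns {NA, KAB, B, {KAB, A}KBS}KAS."""
    k_ab = secrets.token_hex(32)
    ticket = seal(keys[b], {"k": k_ab, "peer": a})   # only B can open this part
    return seal(keys[a], {"n": n_a, "k": k_ab, "peer": b, "ticket": ticket})

def run_exchange(keys, a="A", b="B"):
    """Run all five messages; return the session key as held by (Alice, Bob)."""
    n_a = secrets.randbits(64)                                # 1. A -> S: A, B, NA
    reply = unseal(keys[a], server_reply(keys, a, b, n_a))    # 2. S -> A
    if reply["n"] != n_a or reply["peer"] != b:               # Alice's freshness check
        raise ValueError("stale or misdirected server reply")
    k_alice = bytes.fromhex(reply["k"])
    grant = unseal(keys[b], reply["ticket"])                  # 3. A -> B: {KAB, A}KBS
    k_bob = bytes.fromhex(grant["k"])
    n_b = secrets.randbits(64)
    challenge = seal(k_bob, n_b)                              # 4. B -> A: {NB}KAB
    response = seal(k_alice, unseal(k_alice, challenge) - 1)  # 5. A -> B: {NB - 1}KAB
    if grant["peer"] != a or unseal(k_bob, response) != n_b - 1:
        raise ValueError("handshake failed")
    return k_alice, k_bob
```

Calling run_exchange with a dictionary of the two long-term keys, for example {"A": KAS, "B": KBS} as 32-byte values, returns the same KAB for both parties.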