Cryptography Reference
In-Depth Information
Diagram 7.10 X.509 Strong One-Way Authentication
Alice → Bob: $d_A(t_A, r_A, C(B), m, e_B(k))$
Bob checks: $t_A$, $r_A$, $C(B)$
Bob applies $e_A$ (optional): $m \leftarrow d_A(m)$
Bob applies $d_B$: Shared Secret Key $k \leftarrow e_B(k)$
Strong Two-Way Authentication
The one-way protocol is executed, then the following steps.
3. Bob obtains a new timestamp $t_B$, generates a nonce $r_B$, and (optionally) may send a message $m$. He obtains a secret SKC key $k$ which he encrypts with $e_A$. Then he computes $M_B = (t_B, r_B, C(A), m, e_A(k))$ and sends $d_B(M_B)$ to Alice.
4. Alice now executes analogous actions to those Bob took in step 2 of the one-way protocol. If all is valid, and the option has been exercised, she decrypts $k$ with her private key $d_A$. Now she can store $k$ as another shared key for future use.
Two-way authentication adds to the outcome of the one-way authentication by authenticating Bob, since he is the only one with $d_B$. Since $C(A)$ is valid. As in the one-way authentication, the integrity and originality of $m$ are validated.
Diagram 7.11 is a simplified version of the strong two-way authentication (with the actions in Diagram 7.10 by Bob understood as well as the corresponding actions by Alice).
Diagram 7.11 X.509 Strong Two-Way Authentication (Simplified)
Alice → Bob: $d_A(t_A, r_A, C(B), m, e_B(k))$
Bob → Alice: $d_B(t_B, r_B, C(A), m, e_A(k))$
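The return leg of the two-way protocol (steps 3 and 4), as an added Python example that is not from the original text: Bob builds and signs $M_B$, and Alice verifies the signature, $t_B$, $r_B$ and $C(A)$ before unwrapping $k$. Assumptions: toy hash-then-sign textbook RSA with constructed small keys stands in for $d_B(\cdot)$ and $e_A(\cdot)$, a plain string stands in for the certificate $C(A)$, and the 60-second freshness window and in-memory nonce set are illustrative choices.

```python
import hashlib

E = 65537  # public exponent shared by both toy key pairs

def keygen(p, q):
    """Toy textbook RSA from two known primes; returns (public, private)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(fields, n):
    """Hash the token fields and reduce into the signer's modulus."""
    h = hashlib.sha256(repr(fields).encode()).digest()
    return int.from_bytes(h, "big") % n

def bob_reply(bob_priv, alice_pub, t_B, r_B, cert_A, m, k):
    """Step 3: build M_B = (t_B, r_B, C(A), m, e_A(k)) and sign it with d_B."""
    M_B = (t_B, r_B, cert_A, m, pow(k, alice_pub[1], alice_pub[0]))
    return M_B, pow(digest(M_B, bob_priv[0]), bob_priv[1], bob_priv[0])

def alice_check(alice_priv, bob_pub, my_cert, M_B, sig, now, seen, max_age=60):
    """Step 4: verify d_B(M_B), then C(A), t_B and r_B; unwrap k with d_A."""
    t_B, r_B, cert_A, m, wrapped_k = M_B
    if pow(sig, bob_pub[1], bob_pub[0]) != digest(M_B, bob_pub[0]):
        return "bad signature", None      # not produced with d_B, or altered
    if cert_A != my_cert:
        return "wrong recipient", None    # token was not addressed to Alice
    if abs(now - t_B) > max_age:
        return "stale timestamp", None    # outside the freshness window
    if r_B in seen:
        return "replayed nonce", None     # same token presented twice
    seen.add(r_B)
    return "ok", pow(wrapped_k, alice_priv[1], alice_priv[0])

# Constructed sample keys (Mersenne primes, far too small for real use).
ALICE_PUB, ALICE_PRIV = keygen(2**127 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = keygen(2**107 - 1, 2**61 - 1)

if __name__ == "__main__":
    seen = set()
    M_B, sig = bob_reply(BOB_PRIV, ALICE_PUB, 1000, 7, "C(A)", "hello", 0xC0FFEE)
    print(alice_check(ALICE_PRIV, BOB_PUB, "C(A)", M_B, sig, 1010, seen))
    print(alice_check(ALICE_PRIV, BOB_PUB, "C(A)", M_B, sig, 1010, seen))
```

The signature is checked first so that none of the other fields is trusted before the token is known to come from the holder of $d_B$.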
Strong Three-Way Authentication
The two-way protocol is executed, then the following step.