Table 8.2: Summary of properties of freshness mechanisms

                            Clock-based      Sequence numbers     Nonce-based
Synchronisation needed?     Yes              Yes                  No
Communication delays        Window needed    Window needed        Window needed
Integrity required?         Yes              Yes                  No
Minimum passes needed       1                1                    2
Special requirements        Clock            Sequence database    Random generator
example, for entity authentication) then they require a degree of management.
For sequence numbers this management involves monitoring the time periods
between received sequence numbers. For nonces, it involves monitoring the delay
between sending and receiving the nonce.
8.3 Fundamentals of entity authentication
Recall from Section 1.3.1 that entity authentication is the assurance that a given
entity is involved and currently active in a communication session. This means
that entity authentication really involves assurance of both:
Identity: the identity of the entity who is making a claim to be authenticated;
Freshness: that the claimed entity is 'alive' and involved in the current session.
If we fail to assure ourselves of identity then we cannot be certain whom we are
trying to authenticate. If we fail to assure ourselves of freshness then we could
be exposed to replay attacks, where an attacker captures information used during
an entity authentication session and replays it at a later date in order to falsely pass
themselves off as the entity whose information they 'stole'.
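The following is an added example, not code from the book, that turns the three rows of Table 8.2 and the replay discussion above into verifier-side checks. Each mechanism (clock-based, sequence numbers, nonce-based) is implemented with the window the table calls for and is then shown rejecting a replayed message. The shared key, the window sizes, the claimant name "alice" and the timestamps are constructed sample values; the use of an HMAC as the integrity protection is an assumption, since the book only states that integrity is required for the first two mechanisms.

```python
import hmac
import hashlib
import secrets

# Constructed sample key shared by claimant and verifier (illustrative only).
KEY = b"constructed-shared-key"


def mac(data: bytes) -> bytes:
    """Integrity protection for the freshness value (assumed to be an HMAC).
    Table 8.2 says clock-based and sequence-number mechanisms need it: without
    it an attacker could rewrite the timestamp or counter on a captured message."""
    return hmac.new(KEY, data, hashlib.sha256).digest()


class ClockVerifier:
    """Clock-based freshness: accept a timestamp if it lies within `window`
    seconds of the verifier's own clock (synchronisation needed; the window
    absorbs communication delay and drift). One pass: claimant sends (ts, MAC)."""

    def __init__(self, window=30):
        self.window = window
        self.seen = set()  # timestamps already accepted and still inside the window

    def check(self, ts, ts_mac, now):
        # Forget timestamps that have left the window: they can no longer be
        # replayed successfully, so they need not be remembered.
        self.seen = {t for t in self.seen if now - t <= self.window}
        if not hmac.compare_digest(ts_mac, mac(str(ts).encode())):
            return False          # tampered timestamp
        if abs(now - ts) > self.window:
            return False          # stale, or claimant's clock too far ahead
        if ts in self.seen:
            return False          # replay inside the window
        self.seen.add(ts)
        return True


class SequenceVerifier:
    """Sequence-number freshness: accept a counter only if it exceeds the last
    accepted value and is at most `window` ahead (tolerates lost messages).
    Needs a per-claimant sequence database and integrity protection, no clock."""

    def __init__(self, window=10):
        self.window = window
        self.last = {}            # the "sequence database": claimant -> last accepted

    def check(self, claimant, seq, seq_mac):
        if not hmac.compare_digest(seq_mac, mac(f"{claimant}:{seq}".encode())):
            return False
        last = self.last.get(claimant, 0)
        if not (last < seq <= last + self.window):
            return False          # old/replayed, or implausibly far ahead
        self.last[claimant] = seq
        return True


class NonceVerifier:
    """Nonce-based freshness (challenge-response). Pass 1: verifier issues a
    random nonce. Pass 2: claimant returns MAC(nonce). The nonce needs neither
    integrity protection nor a clock, only a random generator; each nonce is
    accepted at most once and only within `max_delay` seconds of being issued."""

    def __init__(self, max_delay=5):
        self.max_delay = max_delay
        self.outstanding = {}     # nonce -> time issued

    def challenge(self, now):
        nonce = secrets.token_bytes(16)
        self.outstanding[nonce] = now
        return nonce

    def check(self, nonce, response, now):
        issued = self.outstanding.pop(nonce, None)   # pop: a nonce is usable once
        if issued is None:
            return False          # unknown nonce, or already used (replay)
        if now - issued > self.max_delay:
            return False          # response took too long; treat as stale
        return hmac.compare_digest(response, mac(nonce))


def demo():
    """Run each mechanism against a fresh message, then against its replay."""
    out = {}
    clock = ClockVerifier(window=30)
    ts, ts_mac = 1_700_000_000, mac(b"1700000000")
    out["clock_fresh"] = clock.check(ts, ts_mac, now=ts + 5)
    out["clock_replay"] = clock.check(ts, ts_mac, now=ts + 10)      # same message again
    out["clock_stale"] = clock.check(ts, ts_mac, now=ts + 100)      # outside the window
    out["clock_tampered"] = ClockVerifier().check(ts + 1, ts_mac, now=ts + 1)

    seq = SequenceVerifier(window=10)
    out["seq_first"] = seq.check("alice", 1, mac(b"alice:1"))
    out["seq_skip_ahead"] = seq.check("alice", 3, mac(b"alice:3"))  # 2 lost, still in window
    out["seq_replay"] = seq.check("alice", 1, mac(b"alice:1"))
    out["seq_too_far"] = seq.check("alice", 50, mac(b"alice:50"))

    nv = NonceVerifier(max_delay=5)
    n1 = nv.challenge(now=100)
    out["nonce_fresh"] = nv.check(n1, mac(n1), now=101)
    out["nonce_replay"] = nv.check(n1, mac(n1), now=102)
    n2 = nv.challenge(now=200)
    out["nonce_slow"] = nv.check(n2, mac(n2), now=210)
    return out


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name:16s} {'accepted' if accepted else 'rejected'}")
```

Note how the management cost differs, as the text describes: the clock and sequence verifiers must keep state (recently seen timestamps, the sequence database) and bound how far a value may drift, whereas the nonce verifier only has to remember the challenges it has itself issued and how long ago it issued them.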
The word entity is itself problematic. We will avoid philosophical questions
and not propose any formal definition, other than to comment that an 'entity' in
the subsequent discussion could be a human user, a device or even some data.
To appreciate the problems of defining a rigorous notion of an 'entity', consider
the following question: when someone types their password into a computer
then is the entity that is being authenticated the person, or their password? This
essentially relates to the same 'human-computer gap' that we commented on
when discussing digital signatures in Section 7.4.3.
If entity authentication is only used to provide assurance of the identity of
one entity to another (and not vice versa) then we refer to it as unilateral entity
authentication. If both communicating entities provide each other with assurance