Cryptography Reference
Chapter 17
Entity Authentication
In this chapter, we elaborate on entity authentication in general, and (cryptographic)
authentication protocols that implement a proof by knowledge in particular. More
specifically, we introduce the topic in Section 17.1, overview and discuss authentication
technologies in Section 17.2, elaborate on zero-knowledge authentication
protocols in Section 17.3, and conclude with some final remarks in Section 17.4.
17.1 INTRODUCTION
Generally speaking, an entity identifies itself if it claims to have a specific identity,
and it authenticates itself if it proves in one way or another that the claimed identity
really belongs to it. Consequently, identification refers to the process by which
an entity—let's call it the claimant or prover—claims to have a specific identity,
whereas entity authentication refers to the process by which the claimant proves
to another entity—let's call it the verifier—that the claimed identity really belongs
to it. At the end, the verifier is assured of the claimed identity of the prover.
Note that in some literature, the terms identification and entity authentication are
used synonymously and interchangeably. In this topic, however, we make a clear
distinction between the two terms (and the corresponding processes). Anybody can
identify himself or herself as anybody (and claim to have a particular identity).
Contrary to that, it may not be feasible to authenticate as anybody else (if the
authentication mechanisms are strong enough).
Entity authentication can be unilateral (if only one entity authenticates itself
to another) or mutual (if the entities authenticate to each other). In either case, the
verifier must know an authentic reference parameter (e.g., a shared secret key, a
public key certificate, or some biometric information) relative to which the entity
authentication is performed.
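The following Python sketch is an added example, not code from the text. It separates identification (a bare claim) from entity authentication (a proof checked against the verifier's reference parameter) and shows both the unilateral and the mutual case. It assumes a shared secret key as the reference parameter and an HMAC-SHA-256 challenge-response as the proof; the class, function, and key names are illustrative.

```python
import hashlib
import hmac
import secrets

def respond(key: bytes, role: bytes, identity: str, challenge: bytes) -> bytes:
    """Prove knowledge of `key` by MACing role, claimed identity and challenge."""
    msg = role + b"|" + identity.encode() + b"|" + challenge
    return hmac.new(key, msg, hashlib.sha256).digest()

class Verifier:
    def __init__(self, reference_keys: dict):
        self.reference_keys = reference_keys  # authentic reference parameters
        self.pending = {}                     # claimed identity -> open challenge

    def identify(self, claimed_identity: str) -> bytes:
        """Identification: record the claim and issue a fresh challenge."""
        self.pending[claimed_identity] = secrets.token_bytes(16)
        return self.pending[claimed_identity]

    def authenticate(self, claimed_identity: str, response: bytes) -> bool:
        """Entity authentication: check the proof against the reference key."""
        challenge = self.pending.pop(claimed_identity, None)  # single use
        key = self.reference_keys.get(claimed_identity)
        if challenge is None or key is None:
            return False
        expected = respond(key, b"prover", claimed_identity, challenge)
        return hmac.compare_digest(expected, response)

    def prove(self, identity: str, challenge: bytes) -> bytes:
        """Verifier's own proof, used only in the mutual case."""
        key = self.reference_keys.get(identity, b"")
        return respond(key, b"verifier", identity, challenge)

def unilateral(verifier: Verifier, identity: str, prover_key: bytes) -> bool:
    challenge = verifier.identify(identity)
    proof = respond(prover_key, b"prover", identity, challenge)
    return verifier.authenticate(identity, proof)

def mutual(verifier: Verifier, identity: str, prover_key: bytes) -> bool:
    """Both directions: the prover challenges the verifier as well."""
    challenge = secrets.token_bytes(16)
    expected = respond(prover_key, b"verifier", identity, challenge)
    if not hmac.compare_digest(expected, verifier.prove(identity, challenge)):
        return False
    return unilateral(verifier, identity, prover_key)

# Constructed sample key, not taken from the text.
ALICE_KEY = b"constructed-sample-key-for-alice"
```

The role label inside the MAC keeps a verifier's proof from being accepted as a prover's, and popping the challenge on first use means a captured response cannot be replayed.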