Cryptography Reference
In-Depth Information
Many entity authentication protocols can also be used to establish a secret key
to be shared between the claimant and the verifier, and this key can then serve as a
session key. The resulting protocols are called
authentication and key distribution
protocols
or
authenticated key distribution protocols
. These protocols are very
important in practice. A comprehensive overview and analysis of authentication and
key distribution protocols is beyond the scope of this topic. You may refer to [1].
The major security objective of an entity authentication protocol is to make it
impossible (or at least computationally infeasible) for an adversary to impersonate
a claimant, even if he or she has witnessed or has been involved in a large number
of protocol executions with both the claimant and the verifier. An impersonation
attack must always take place online, but it may be possible to prepare some parts
of it offline. Consequently, it is common to distinguish between offline and online
attacks.
•
In an
offline attack
, the adversary must not directly communicate with the
verifier to prepare the attack. Instead, he or she can analyze information
acquired from previous protocol executions and retrieve information that he
or she can (mis)use to impersonate the claimant at some later point in time.
•
In an
online attack
, the adversary must directly communicate with the verifier
to prepare the attack. Consequently, every preparation step for the attack must
be carried out with the verifier.
Obviously, offline attacks are much more powerful and hence are much more
difficult to protect against (than online attacks). In fact, it is possible to protect
against online attacks by limiting and setting an upper bound for the number of
attempts an entity can try to authenticate itself, introducing a time delay between the
individual attempts, or, if the attacker must be physically present to mount the attack,
by threatening to apply some physical measures (e.g., exit locks). In the following
section, we look at some technologies that can be used for entity authentication.
More information is available, for example, in [2].
17.2
AUTHENTICATION TECHNOLOGIES
It is common to divide the technologies that can be used for (entity) authentication
into four categories, depending on whether it is based on:
•
Something the claimant possesses (proof by possession);
•
Something the claimant knows (proof by knowledge);
•
Some biometric characteristics of the claimant (proof by property);
