Wide Mouth Frog

The Wide-Mouth Frog protocol is a computer network authentication protocol designed for use on insecure networks (the Internet, for example). It allows individuals communicating over a network to prove their identity to each other while also preventing eavesdropping or replay attacks, and provides for detection of modification and the prevention of unauthorized reading. This can be proven using Degano. The protocol was first described under the name "The Wide-mouthed-frog Protocol" in the paper "A Logic of Authentication" (1990), which introduced Burrows–Abadi–Needham logic, and in which it was an "unpublished protocol ... proposed by" coauthor Michael Burrows (Burrows, Abadi, and Needham, "A Logic of Authentication", ACM Transactions on Computer Systems 8 (1990), pp. 18–36). The paper gives no rationale for the protocol's whimsical name.

The protocol can be specified as follows in security protocol notation (Wide Mouthed Frog, Security Protocols Open Repository):

* A, B, and S are identities of Alice, Bob, and the trusted server respectively
* T_A and T_s are timestamps generated by A and S respectively
* K_ is a symmetric key known only to A and S
* K_ is a generated symmetric key, which will be the session key of the session between A and B
* K_ is a symmetric key known only to B and S

: A \rightarrow S: A,\_
: S \rightarrow B: \_

Note that to prevent active attacks, some form of authenticated encryption (or message authentication) must be used.

The protocol has several problems:

* A global clock is required.
* The server S has access to all keys.
* The value of the session key K_ is completely determined by A, who must be competent enough to generate good keys.
* Messages can be replayed within the period when the timestamp is valid.
* A is not assured that B exists.
* The protocol is stateful. This is usually undesired because it requires more functionality and capability from the server. For example, S must be able to deal with situations in which B is unavailable.
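An added example, not from the original page or the BAN paper, of the timestamp check at S and B and of the replay problem listed above. Assumptions: each sealed message carries a timestamp, the peer's identity and the session key, as in the commonly published form of the protocol; `WINDOW`, `seal`, `unseal`, `server_relay` and `Receiver` are illustrative names; and the encrypt-then-MAC construction built from `hashlib` and `hmac` stands in for a real AEAD.

```python
import hashlib, hmac, json, os

WINDOW = 30  # seconds a timestamp stays acceptable (assumed value)

def _subkeys(key):
    # Separate encryption and MAC keys derived from the shared long-term key.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, fields):
    """Encrypt-then-MAC from the stdlib; a stand-in for a real AEAD."""
    ek, mk = _subkeys(key)
    pt, nonce = json.dumps(fields).encode(), os.urandom(16)
    stream = hashlib.shake_256(ek + nonce).digest(len(pt))
    ct = nonce + bytes(a ^ b for a, b in zip(pt, stream))
    return ct + hmac.new(mk, ct, hashlib.sha256).digest()

def unseal(key, blob):
    ek, mk = _subkeys(key)
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    stream = hashlib.shake_256(ek + ct[:16]).digest(len(ct) - 16)
    return json.loads(bytes(a ^ b for a, b in zip(ct[16:], stream)))

def fresh(m, now):
    # Both S and B depend on this check, hence the need for a global clock.
    if abs(now - m["t"]) > WINDOW:
        raise ValueError("stale timestamp")

def server_relay(keys, sender, blob, now):
    """S: verify A's message, then re-seal it for B under a new timestamp."""
    m = unseal(keys[sender], blob)
    fresh(m, now)
    out = {"t": now, "peer": sender, "k": m["k"]}
    return m["peer"], seal(keys[m["peer"]], out)

class Receiver:
    """B: freshness check, plus an optional cache of messages already accepted."""
    def __init__(self, key, replay_cache):
        self.key, self.replay_cache, self.seen = key, replay_cache, set()

    def accept(self, blob, now):
        m = unseal(self.key, blob)
        fresh(m, now)
        digest = hashlib.sha256(blob).digest()
        if self.replay_cache and digest in self.seen:
            raise ValueError("replay")
        self.seen.add(digest)  # a real cache would expire entries after WINDOW
        return m["peer"], bytes.fromhex(m["k"])
```

With `replay_cache=False` the same S-to-B message is accepted twice inside the window; with the cache enabled the second delivery raises `ValueError("replay")`.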


See also

* Alice and Bob
* Kerberos (protocol)
* Needham–Schroeder protocol
* Neuman–Stubblebine protocol
* Otway–Rees protocol
* Yahalom (protocol)

