Woo–Lam
In cryptography, Woo–Lam refers to various computer network authentication protocols designed by Simon S. Lam and Thomas Woo. The protocols enable two communicating parties to authenticate each other's identity and to exchange session keys, and involve the use of a trusted key distribution center (KDC) to negotiate between the parties. Both symmetric-key and public-key variants have been described. However, the protocols suffer from various security flaws, and have in part been described as inefficient compared to alternative authentication protocols.


Public-key protocol


Notation

The following notation is used to describe the algorithm:

* A, B - network nodes.
* KU_x - public key of node x.
* KR_x - private key of x.
* N_x - nonce chosen by x.
* ID_x - unique identifier of x.
* E_k - public-key encryption using key k.
* S_k - digital signature using key k.
* K - random session key chosen by the KDC.
* || - concatenation.

It is assumed that all parties know the KDC's public key.


Message exchange

1) A \rightarrow KDC : ID_A || ID_B
2) KDC \rightarrow A : S_{KR_{KDC}}[ID_B || KU_B]
3) A \rightarrow B : E_{KU_B}[N_A || ID_A]
4) B \rightarrow KDC : ID_B || ID_A || E_{KU_{KDC}}[N_A]
5) KDC \rightarrow B : S_{KR_{KDC}}[ID_A || KU_A] || E_{KU_B}[S_{KR_{KDC}}[N_A || K || ID_B || ID_A]]
6) B \rightarrow A : E_{KU_A}[S_{KR_{KDC}}[N_A || K || ID_B || ID_A] || N_B]
7) A \rightarrow B : E_K[N_B]

An earlier version of the protocol had the identifier ID_A omitted from lines 5 and 6, which did not account for the fact that N_A is unique only among the nonces generated by A, not among those generated by other parties. The protocol was revised after the authors themselves spotted this flaw.
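The seven messages above, run end to end with each receiver's checks, as an added example that is not part of the original page and not Woo and Lam's own code. Public-key encryption and signatures are modelled as tagged tuples (an assumption of this example, a Dolev–Yao style term model) rather than real cryptographic operations, so the exchange runs offline; the function names `E`, `D`, `S`, `V`, `check_ticket`, `run_woo_lam` and the `include_id_a` switch are the example's own. What it shows is why the revised ticket in messages 5 and 6 must name ID_A and ID_B alongside N_A: the receiver-side check in `check_ticket` rejects a ticket that carries only the nonce.

```python
"""Symbolic run of the revised Woo-Lam public-key protocol (messages 1-7).

Added example; not code from the original page or from Woo and Lam. Public-key
encryption and signatures are modelled as tagged tuples (a Dolev-Yao style term
model, an assumption of this example), so the exchange and each receiver's
checks can be run offline without a cryptography library. It demonstrates the
message algebra and the field checks, not a secure implementation.
"""
import secrets


def E(pub_owner, payload):
    """E_{KU_x}[payload]: encryption under the public key of node pub_owner."""
    return ("enc", pub_owner, payload)


def D(priv_owner, term):
    """Decrypt with KR_x; only the holder of the matching private key can open it."""
    tag, owner, payload = term
    if tag != "enc" or owner != priv_owner:
        raise ValueError("term is not encrypted for %s" % priv_owner)
    return payload


def S(signer, payload):
    """S_{KR_x}[payload]: signature by node signer over payload."""
    return ("sig", signer, payload)


def V(expected_signer, term):
    """Verify a signature and return the signed payload."""
    tag, signer, payload = term
    if tag != "sig" or signer != expected_signer:
        raise ValueError("signature is not from %s" % expected_signer)
    return payload


def check_ticket(fields, nonce, id_b, id_a):
    """Receiver's check on the KDC ticket S_{KR_KDC}[N_A || K || ID_B || ID_A].

    N_A is unique only among A's own nonces, so the ticket must also name both
    principals; a ticket without ID_A (the earlier version) is rejected here.
    Returns the session key K on success.
    """
    if len(fields) != 4:
        raise ValueError("ticket must carry N_A, K, ID_B and ID_A")
    n_a, k, tid_b, tid_a = fields
    if (n_a, tid_b, tid_a) != (nonce, id_b, id_a):
        raise ValueError("ticket does not belong to this run")
    return k


def run_woo_lam(id_a="A", id_b="B", kdc="KDC", include_id_a=True):
    """Walk through messages 1-7; return (K as seen by A, K as seen by B).

    include_id_a=False builds the ticket of the earlier version, which omitted
    ID_A from messages 5 and 6; the run then fails at B's ticket check.
    """
    # 1) A -> KDC : ID_A || ID_B
    m1 = (id_a, id_b)
    # 2) KDC -> A : S_{KR_KDC}[ID_B || KU_B]
    m2 = S(kdc, (m1[1], "KU_" + m1[1]))
    if V(kdc, m2)[0] != id_b:                 # A: certificate names the peer it asked for
        raise ValueError("KDC returned a certificate for the wrong node")
    # 3) A -> B : E_{KU_B}[N_A || ID_A]
    n_a = secrets.token_hex(8)
    m3 = E(id_b, (n_a, id_a))
    n_a_at_b, claimed_a = D(id_b, m3)        # B opens it with KR_B
    # 4) B -> KDC : ID_B || ID_A || E_{KU_KDC}[N_A]
    m4 = (id_b, claimed_a, E(kdc, n_a_at_b))
    # 5) KDC -> B : S_{KR_KDC}[ID_A || KU_A] || E_{KU_B}[S_{KR_KDC}[N_A || K || ID_B || ID_A]]
    req_b, req_a, enc_nonce = m4
    k = "K_" + secrets.token_hex(8)           # session key chosen by the KDC
    fields = (D(kdc, enc_nonce), k, req_b) + ((req_a,) if include_id_a else ())
    ticket = S(kdc, fields)
    m5 = (S(kdc, (req_a, "KU_" + req_a)), E(req_b, ticket))
    if V(kdc, m5[0])[0] != claimed_a:         # B: certificate matches the claimed sender
        raise ValueError("certificate does not name the claimed initiator")
    ticket_at_b = D(id_b, m5[1])
    k_b = check_ticket(V(kdc, ticket_at_b), n_a_at_b, id_b, claimed_a)
    # 6) B -> A : E_{KU_A}[S_{KR_KDC}[N_A || K || ID_B || ID_A] || N_B]
    n_b = secrets.token_hex(8)
    m6 = E(claimed_a, (ticket_at_b, n_b))
    ticket_at_a, n_b_at_a = D(id_a, m6)       # A opens it with KR_A
    k_a = check_ticket(V(kdc, ticket_at_a), n_a, id_b, id_a)
    # 7) A -> B : E_K[N_B]  (symmetric encryption under K, also modelled symbolically)
    m7 = ("symenc", k_a, n_b_at_a)
    if m7[1] != k_b or m7[2] != n_b:          # B: opens it under its K and checks N_B
        raise ValueError("key confirmation failed")
    return k_a, k_b


def original_ticket_is_rejected():
    """True if a ticket lacking ID_A fails the receiver-side check."""
    try:
        run_woo_lam(include_id_a=False)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("session key agreed by both sides:", run_woo_lam())
    print("ticket without ID_A rejected:", original_ticket_is_rejected())
```

Each receiver validates what the notation says it can: A checks the KDC-signed certificate names B, B checks the KDC-signed certificate names the initiator it heard from, and both check that the ticket binds N_A, ID_B and ID_A to the session key before accepting K. Swapping the tagged tuples for real signatures and public-key encryption would not change the shape of those checks.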


See also

* Kerberos (protocol)
* Needham–Schroeder protocol
* Otway–Rees protocol

