📄 03-07.html
字号:
<!-- LEFT NAV SEARCH END --> </td> <!-- PUB PARTNERS END --><!-- END LEFT NAV --><td rowspan="8" align="right" valign="top"><img src="/images/iswbls.gif" width=1 height=400 alt="" border="0"></td><td><img src="/images/white.gif" width="5" height="1" alt="" border="0"></td><!-- end of ITK left NAV --><!-- begin main content --><td width="100%" valign="top" align="left"><!-- END SUB HEADER -->
<!--Begin Content Column -->
<FONT FACE="Arial,Helvetica" SIZE="-1">
To access the contents, click the chapter and section titles.
</FONT>
<P>
<B>Applied Cryptography, Second Edition: Protocols, Algorthms, and Source Code in C (cloth)</B>
<FONT SIZE="-1">
<BR>
<I>(Publisher: John Wiley & Sons, Inc.)</I>
<BR>
Author(s): Bruce Schneier
<BR>
ISBN: 0471128457
<BR>
Publication Date: 01/01/96
</FONT>
<P>
<form name="Search" method="GET" action="http://search.earthweb.com/search97/search_redir.cgi">
<INPUT TYPE="hidden" NAME="Action" VALUE="Search">
<INPUT TYPE="hidden" NAME="SearchPage" VALUE="http://search.earthweb.com/search97/samples/forms/srchdemo.htm">
<INPUT TYPE="hidden" NAME="Collection" VALUE="ITK">
<INPUT TYPE="hidden" NAME="ResultTemplate" VALUE="itk-full.hts">
<INPUT TYPE="hidden" NAME="ViewTemplate" VALUE="view.hts">
<font face="arial, helvetica" size=2><b>Search this book:</b></font><br>
<INPUT NAME="queryText" size=50 VALUE=""> <input type="submit" name="submitbutton" value="Go!">
<INPUT type=hidden NAME="section_on" VALUE="on">
<INPUT type=hidden NAME="section" VALUE="http://www.itknowledge.com/reference/standard/0471128457/">
</form>
<!-- Empty Reference Subhead -->
<!--ISBN=0471128457//-->
<!--TITLE=APPLIED CRYPTOGRAPHY, SECOND EDITION: Protocols, Algorithms, and Source Code in C//-->
<!--AUTHOR=Bruce Schneier//-->
<!--PUBLISHER=Wiley Computer Publishing//-->
<!--CHAPTER=03//-->
<!--PAGES=061-062//-->
<!--UNASSIGNED1//-->
<!--UNASSIGNED2//-->
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="03-06.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="03-08.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
<P><BR></P>
<P>This protocol, first presented in [820] and corrected in [1162] attempts to counter the suppress-replay attack. It is an enhancement to Yahalom and is an excellent protocol.
</P>
<DL>
<DD><B>(1)</B> Alice concatenates her name and a random number and sends it to Bob.
<DL>
<DD><I>A,R</I><SUB>A</SUB>
</DL>
<DD><B>(2)</B> Bob concatenates Alice’s name, her random number, and a timestamp, and encrypts with the key he shares with Trent. He sends it to Trent along with his name and a new random number.
<DL>
<DD><I>B,R</I><SUB>B</SUB>,<I>E</I><SUB>B</SUB>(<I>A,R</I><SUB>A</SUB>,<I>T</I><SUB>B</SUB>)
</DL>
<DD><B>(3)</B> Trent generates a random session key. Then he creates two messages. The first is Bob’s name, Alice’s random number, a random session key, and the timestamp, all encrypted with the key he shares with Alice. The second is Alice’s name, the session key, and the timestamp, all encrypted with the key he shares with Bob. He sends these both to Alice, along with Bob’s random number.
<DL>
<DD><I>E</I><SUB>A</SUB>(<I>B,R</I><SUB>A</SUB><I>,K,T</I><SUB>B</SUB>),<I>E</I><SUB>A</SUB>(<I>A,K,T</I><SUB>B</SUB>),<I>R</I><SUB>B</SUB>
</DL>
<DD><B>(4)</B> Alice decrypts the message encrypted with her key, extracts <I>K</I>, and confirms that <I>R</I><SUB>A</SUB> has the same value as it did in step (1). Alice sends Bob two messages. The first is the message received from Trent, encrypted with Bob’s key. The second is <I>R</I><SUB>B</SUB>, encrypted with the session key.
<DL>
<DD><I>E</I><SUB>B</SUB>(<I>A,K,T</I><SUB>B</SUB>),<I>E</I><SUB>K</SUB>(<I>R</I><SUB>B</SUB>)
</DL>
<DD><B>(5)</B> Bob decrypts the message encrypted with his key, extracts <I>K</I>, and confirms that <I>T</I><SUB>B</SUB> and <I>R</I><SUB>B</SUB> have the same value they did in step (2).
</DL>
<P>Assuming both random numbers and the timestamp match, Alice and Bob are convinced of one another’s identity and share a secret key. Synchronized clocks are not required because the timestamp is only relative to Bob’s clock; Bob only checks the timestamp he generated himself.
</P>
<P>One nice thing about this protocol is that Alice can use the message she received from Trent for subsequent authentication with Bob, within some predetermined time limit. Assume that Alice and Bob completed the above protocol, communicated, and then terminated the connection. Alice and Bob can reauthenticate in three steps, without having to rely on Trent.</P>
<DL>
<DD><B>(1)</B> Alice sends Bob the message Trent sent her in step (3) and a new random number.
<DL>
<DD><I>E</I><SUB>B</SUB>(<I>A,K,T</I><SUB>B</SUB>),<I>R’</I><SUB>A</SUB>
</DL>
<DD><B>(2)</B> Bob sends Alice another new random number, and Alice’s new random number encrypted in their session key.
<DL>
<DD><I>R’</I><SUB>B</SUB>,<I>E</I><SUB>K</SUB>(<I>R’</I><SUB>A</SUB>)
</DL>
<DD><B>(3)</B> Alice sends Bob his new random number, encrypted in their session key.
<DL>
<DD><I>E</I><SUB>K</SUB>(<I>R’</I><SUB>B</SUB>)
</DL>
</DL>
<P>The new random numbers prevent replay attacks.
</P>
<P><FONT SIZE="+1"><B><I>DASS</I></B></FONT></P>
<P>The Distributed Authentication Security Service (DASS) protocols, developed at Digital Equipment Corporation, also provide for mutual authentication and key exchange [604,1519,1518]. Unlike the previous protocols, DASS uses both public-key and symmetric cryptography. Alice and Bob each have a private key. Trent has signed copies of their public keys.
</P>
<DL>
<DD><B>(1)</B> Alice sends a message to Trent, consisting of Bob’s name.
<DL>
<DD><I>B</I>
</DL>
<DD><B>(2)</B> Trent sends Alice Bob’s public key, <I>K</I><SUB>B</SUB>, signed with Trent’s private key, <I>T</I>. The signed message includes Bob’s name.
<DL>
<DD><I>S</I><SUB>T</SUB>(<I>B,K</I><SUB>B</SUB>)
</DL>
<DD><B>(3)</B> Alice verifies Trent’s signature to confirm that the key she received is actually Bob’s public key. She generates a random session key, and a random public-key/private-key key pair: <I>K</I><SUB>P</SUB>. She encrypts a timestamp with <I>K</I>. Then she signs a key lifetime, <I>L</I>, her name, and <I>K</I><SUB>P</SUB> with her private key, <I>K</I>A. Finally, she encrypts <I>K</I> with Bob’s public key, and signs it with <I>K</I><SUB>P</SUB>. She sends all of this to Bob.
<DL>
<DD><I>E</I><SUB>K</SUB>(<I>T</I><SUB>A</SUB>),<I>S</I><SUB><SUB>K</SUB>A</SUB>(<I>L,A,K</I><SUB>P</SUB>),<I>S</I><SUB>K<SUB>P</SUB></SUB>(<I>E</I><SUB>K<SUB>B</SUB></SUB>(<I>K</I>))
</DL>
<DD><B>(4)</B> Bob sends a message to Trent (this may be a different Trent), consisting of Alice’s name.
<DL>
<DD><I>A</I>
</DL>
<DD><B>(5)</B> Trent sends Bob Alice’s public key, signed in Trent’s private key. The signed message includes Alice’s name.
<DL>
<DD><I>S</I><SUB>T</SUB>(<I>A,K</I><SUB>A</SUB>)
</DL>
<DD><B>(6)</B> Bob verifies Trent’s signature to confirm that the key he received is actually Alice’s public key. He then verifies Alice’s signature and recovers <I>K</I><SUB>P</SUB>. He verifies the signature and uses his private key to recover <I>K</I>. Then he decrypts <I>T</I><SUB>A</SUB> to make sure this is a current message.
<DD><B>(7)</B> If mutual authentication is required, Bob encrypts a new timestamp with <I>K</I>, and sends it to Alice.
<DL>
<DD><I>E</I><SUB>K</SUB>(<I>T</I><SUB>B</SUB>)
</DL>
<DD><B>(8)</B> Alice decrypts <I>T</I><SUB>B</SUB> with <I>K</I> to make sure that the message is current.
</DL>
<P>SPX, a product by DEC, is based on DASS. Additional information can be found in [34].
</P><P><BR></P>
<CENTER>
<TABLE BORDER>
<TR>
<TD><A HREF="03-06.html">Previous</A></TD>
<TD><A HREF="../ewtoc.html">Table of Contents</A></TD>
<TD><A HREF="03-08.html">Next</A></TD>
</TR>
</TABLE>
</CENTER>
[an error occurred while processing this directive]
<!-- all of the reference materials (books) have the footer and subfoot reveresed --><!-- reference_subfoot = footer --><!-- reference_footer = subfoot --><!-- BEGIN SUB FOOTER --> <br><br> </TD> </TR> </TABLE> <table width="640" border=0 cellpadding=0 cellspacing=0> <tr> <td align="left" width=135><img src="/images/white.gif" width=100 height="1" alt="" border="0"></td> <!-- END SUB FOOTER -->
<!-- all of the books have the footer and subfoot reveresed --><!-- reference_subfoot = footer --><!-- reference_footer = subfoot --><!-- FOOTER --> <td width="515" align="left" bgcolor="#FFFFFF"><font face="arial, helvetica" size="1"><b><a href="/products.html"><font color="#006666">Products</font></a> | <a href="/contactus.html"><font color="#006666">Contact Us</font></a> | <a href="/aboutus.html"><font color="#006666">About Us</font></a> | <a href="http://www.earthweb.com/corporate/privacy.html" target="_blank"><font color="#006666">Privacy</font></a> | <a href="http://www.itmarketer.com/" target="_blank"><font color="#006666">Ad Info</font></a> | <a href="/"><font color="#006666">Home</font></a></b> <br><br> Use of this site is subject to certain <a href="/agreement.html">Terms & Conditions</a>, <a href="/copyright.html">Copyright © 1996-1999 EarthWeb Inc.</a><br> All rights reserved. Reproduction whole or in part in any form or medium without express written permision of EarthWeb is prohibited.</font><p></td> </tr></table></BODY></HTML><!-- END FOOTER -->
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -