|
|
| Line 1: |
Line 1: |
| The '''Neuman–Stubblebine protocol''' is a [[computer network]] [[authentication]] [[communications protocol|protocol]] designed for use on [[insecure network]]s (e.g., the [[Internet]]). It allows individuals communicating over such a network to prove their identity to each other. This protocol utilizes time stamps, but does not depend on synchronized clocks.
| | Hello! I am Flor. I smile that I could unify to the entire globe. I live in Italy, in the south region. I dream to visit the various countries, to obtain familiarized with interesting individuals.<br><br>Have a look at my blog: [http://www.startthis.com/node/317300 нажмите здесь.] |
| | |
| ==The protocol==
| |
| | |
| If [[Alice and Bob|Alice]] (A) initiates the communication to Bob (B) with S is a server trusted by both parties, the protocol can be specified as follows using [[security protocol notation]]:
| |
| * A and B are identities of Alice and Bob respectively
| |
| * M is a session identifier
| |
| * <math>K_{AS}</math> is a [[symmetric key]] known only to A and S
| |
| * <math>K_{BS}</math> is a symmetric key known only to B and S
| |
| * <math>N_A</math> and <math>N_B</math> are [[cryptographic nonce|nonces]] generated by A and B respectively
| |
| * <math>T_A</math> and <math>T_B</math> are [[timestamp]]s generated by A and B respectively
| |
| * <math>K_{AB}</math> is a generated symmetric key, which will be the [[session key]] of the session between A and B
| |
| | |
| <math>A \rightarrow B: A, N_A</math>
| |
| :Alice notified Bob of intent to initiate secure communication.
| |
| <math>B \rightarrow S: B, N_B, \{A, N_A, T_B\}_{K_{BS}}</math>
| |
| :Bob generates a times stamp and a nonce, and sends this to the trusted Server.
| |
| <math>S \rightarrow A: \{B, N_A, K_{AB}, T_B\}_{K_{AS}}, \{A, K_{AB}, T_B\}_{K_{BS}}, N_B</math>
| |
| :The trusted Server generates a session key and a message for Alice to forward to Bob.
| |
| :<math>A \rightarrow B: \{A, K_{AB}, T_B\}_{K_{BS}}, \{N_B\}_{K_{AB}}</math>
| |
| Alice forwards the message and verifies <math>N_A</math> is the same that she generated earlier. Bob will verify <math>T_B</math> and <math>N_B</math> have not changed when he receives the message.
| |
| | |
| ==Subsequent communications==
| |
| An advantage provided by this protocol is that Alice can utilize the trusted Server's message to initiate authentication with Bob within some predetermined time limit without utilizing the trusted Server. The protocol proceeds as follows using the same definitions as above.
| |
| | |
| <math>A \rightarrow B: \{A, K_{AB}, T_B\}_{K_{BS}}, N'_A</math>
| |
| :Alice sends the message the trusted Server sent her previously when communication with Bob.
| |
| <math>B \rightarrow A: N'_B, \{N'_A\}_{K_{AB}}</math> | |
| :Bob sends Alice a new nonce and her new nonce encrypted with session key that Alice resent from previous communication.
| |
| <math>A \rightarrow B: \{N'_B\}_{K_{AB}}</math>
| |
| :Alice returns Bob's nonce encrypted with the session key to allow him to verify the communication is successful.
| |
| | |
| == Attack ==
| |
| Using the theorem prover [[SPASS]] it has been shown that this protocol can be attacked.<ref>{{Citation | last=Weidenbach | first=Christoph | title=Towards an Automatic Analysis of Security Protocols in First-Order Logic | place=Saarbrücken, Germany | year=1999 | url = http://www.mpi-sb.mpg.de/~weidenb/publications/cade99prot.ps.gz }}</ref> This attack and two more from <ref>{{Citation | last1=Hwang | first2=Narn-Yih | first1=Tzonelih | last2=Lee | first3=Chuan-Ming | last3=Li | first4=Ming-Yung | last4=Ko | first5=Yung-Hsiang | last5=Chen | title=Two attacks on Neuman-Stubblebine authentication protocols | place=Tainan, Taiwan | year=1994 | doi = 10.1016/0020-0190(95)00177-E | journal=Information Processing Letters | volume=53 | issue=2 | pages=103–107 }}</ref> are outlined in [http://www.lsv.ens-cachan.fr/Software/spore/neumannStubblebine.pdf].
| |
| | |
| == See also ==
| |
| * [[Kerberos (protocol)|Kerberos]]
| |
| * [[Needham–Schroeder protocol]]
| |
| * [[Otway–Rees protocol]]
| |
| * [[Yahalom (protocol)|Yahalom]]
| |
| * [[Wide Mouth Frog protocol]]
| |
| | |
| ==References==
| |
| {{Citation
| |
| |last = Schneier
| |
| |first = Bruce
| |
| |authorlink = Bruce Schneier
| |
| |title = Applied Cryptography
| |
| |publisher = [[John Wiley & Sons]]
| |
| |year = 1996
| |
| |pages = 60–62
| |
| |isbn = 0-471-12845-7}}
| |
| <references/>
| |
| | |
| {{DEFAULTSORT:Neuman-Stubblebine protocol}}
| |
| [[Category:Cryptographic protocols]]
| |
| [[Category:Computer access control protocols]]
| |
Hello! I am Flor. I smile that I could unify to the entire globe. I live in Italy, in the south region. I dream to visit the various countries, to obtain familiarized with interesting individuals.
Have a look at my blog: нажмите здесь.