What do we mean by entity authentication?

The design of authentication protocols has proven to be surprisingly error-prone. We suggest that this is partly due to a language problem. The objectives of entity authentication are usually given in terms of human encounters while we actually implement message passing protocols. We propose various translations of the high-level objectives into a language appropriate for communication protocols. In addition, protocols are often specified at too low a level of abstraction. We argue that encryption should not be used as a general primitive as it does not capture the specific purpose for using a cryptographic function in a particular protocol.

[1]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[2]  Owen Rees,et al.  Efficient and timely mutual authentication , 1987, OPSR.

[3]  Colin Boyd,et al.  Hidden assumptions in cryptographic protocols , 1990 .

[4]  Paul F. Syverson The use of logic in the analysis of cryptographic protocols , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[5]  Paul C. van Oorschot,et al.  Authentication and authenticated key exchanges , 1992, Des. Codes Cryptogr..

[6]  Chris J. Mitchell,et al.  Standardising Authentication Protocols Based on Public-Key Techniques , 1993, J. Comput. Secur..

[7]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[8]  Martín Abadi,et al.  Prudent Engineering Practice for Cryptographic Protocols , 1994, IEEE Trans. Software Eng..

[9]  Einar Snekkenes,et al.  On The Formal Analysis of PKCS Authentication Protocols , 1990, AUSCRYPT.

[10]  Li Gong,et al.  Reasoning about belief in cryptographic protocols , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[11]  Dieter Gollmann,et al.  A fair non-repudiation protocol , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[12]  Gavin Lowe,et al.  Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR , 1996, Softw. Concepts Tools.

[13]  Simon S. Lam,et al.  A semantic model for authentication protocols , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[14]  Virgil D. Gligor,et al.  On the formal specification and verification of a multiparty session protocol , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[15]  Paul F. Syverson,et al.  On unifying some cryptographic protocol logics , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[16]  Colin Boyd,et al.  On a Limitation of BAN Logic , 1994, EUROCRYPT.