Yahalom (protocol)

Yahalom is an authentication and secure key-sharing protocol designed for use on an insecure network such as the Internet. Yahalom uses a trusted arbitrator to distribute a shared key between two people. This protocol can be considered as an improved version of Wide Mouth Frog protocol (with additional protection against man-in-the-middle attack), but less secure than the Needham–Schroeder protocol.

Protocol description

If Alice (A) initiates the communication to Bob (B) with S is a server trusted by both parties, the protocol can be specified as follows using security protocol notation:

A and B are identities of Alice and Bob respectively
$K_{A S}$ is a symmetric key known only to A and S
$K_{B S}$ is a symmetric key known only to B and S
$N_{A}$ and $N_{B}$ are nonces generated by A and B respectively
$K_{A B}$ is a symmetric, generated key, which will be the session key of the session between A and B

$A \to B : A, N_{A}$

Alice sends a message to Bob requesting communication.

$B \to S : B, {A, N_{A}, N_{B}}_{K_{B S}}$

Bob sends a message to the Server encrypted under

K_{B S}

.

$S \to A : {B, K_{A B}, N_{A}, N_{B}}_{K_{A S}}, {A, K_{A B}}_{K_{B S}}$

The Server sends to Alice a message containing the generated session key

K_{A B}

and a message to be forwarded to Bob.

$A \to B : {A, K_{A B}}_{K_{B S}}, {N_{B}}_{K_{A B}}$

Alice forwards the message to Bob and verifies

N_{A}

has not changed. Bob will verify

N_{B}

has not changed when he receives the message.

BAN-Yahalom

Burrows􏰂, Abadi􏰂 and Needham proposed a variant of this protocol in their 1989 paper as follows:^[1] $A \to B : A, N_{A}$
$B \to S : B, N_{B}, {A, N_{A}}_{K_{B S}}$
$S \to A : N_{B}, {B, K_{A B}, N_{A}}_{K_{A S}}, {A, K_{A B}, N_{B}}_{K_{B S}}$
$A \to B : {A, K_{A B}, N_{B}}_{K_{B S}}, {N_{B}}_{K_{A B}}$ In 1994, Paul Syverson demonstrated two attacks on this protocol.^[1]

References

↑ ^1.0 ^1.1 Paul Syverson. A taxonomy of replay attacks. In Proceedings of the 7th IEEE Computer Security Foundations Workshop, pages 131􏰀–136. IEEE Computer Society Press, 1994.

Schneier, Bruce (1996). Applied Cryptography. John Wiley & Sons. pp. 57–58. ISBN 0-471-12845-7.
M. Burrows, M. Abadi, R. Needham A Logic of Authentication, Research Report 39, Digital Equipment Corp. Systems Research Center, Feb. 1989
M. Burrows, M. Abadi, R. Needham A Logic of Authentication. ACM Transactions on Computer Systems, v. 8, n. 1, Feb. 1990, pp. 18—36

Stub icon

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

[syv94-1] 1.0 ^1.1 Paul Syverson. A taxonomy of replay attacks. In Proceedings of the 7th IEEE Computer Security Foundations Workshop, pages 131􏰀–136. IEEE Computer Society Press, 1994.

[1]

Yahalom (protocol)

Contents

Protocol description

BAN-Yahalom

See also

References

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools

In other projects

In other languages