HOME

TheInfoList



Click Here for Items Related To - Neuman–Stubblebine Protocol
OR:
Neuman–Stubblebine Protocol on:   [Wikipedia]   [Google]   [Amazon]

The Neuman–Stubblebine protocol is a
computer network A computer network is a set of computers sharing resources located on or provided by network nodes. The computers use common communication protocols over digital interconnections to communicate with each other. These interconnections ar ...
authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicat ...
protocol Protocol may refer to: Sociology and politics * Protocol (politics), a formal agreement between nation states * Protocol (diplomacy), the etiquette of diplomacy and affairs of state * Etiquette, a code of personal behavior Science and technology ...
designed for use on
insecure network InSecurity is a Canadian spy comedy television series that aired on CBC Television from 2011 to 2012. The series centres on a team of covert operatives working for the National Intelligence and Security Agency (NISA), a fictional Canadian intelli ...
s (e.g., the
Internet The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a ''internetworking, network of networks'' that consists ...
). It allows individuals communicating over such a network to prove their identity to each other. This protocol utilizes time stamps, but does not depend on synchronized clocks.


The protocol

If
Alice Alice may refer to: * Alice (name), most often a feminine given name, but also used as a surname Literature * Alice (''Alice's Adventures in Wonderland''), a character in books by Lewis Carroll * ''Alice'' series, children's and teen books by ...
(A) initiates the communication to Bob (B) with S is a server trusted by both parties, the protocol can be specified as follows using
security protocol notation In cryptography, security (engineering) protocol notation, also known as protocol narrations and Alice & Bob notation, is a way of expressing a protocol of correspondence between entities of a dynamic system, such as a computer network. In the c ...
: * A and B are identities of Alice and Bob respectively * M is a session identifier * K_ is a
symmetric key Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext. The keys may be identical, or there may be a simple transformation to go between t ...
known only to A and S * K_ is a symmetric key known only to B and S * N_A and N_B are nonces generated by A and B respectively * T_A and T_B are
timestamp A timestamp is a sequence of characters or encoded information identifying when a certain event occurred, usually giving date and time of day, sometimes accurate to a small fraction of a second. Timestamps do not have to be based on some absolut ...
s generated by A and B respectively * K_ is a generated symmetric key, which will be the
session key A session key is a single-use symmetric key used for encrypting all messages in one communication session. A closely related term is content encryption key (CEK), traffic encryption key (TEK), or multicast key which refers to any key used for e ...
of the session between A and B A \rightarrow B: A, N_A :Alice notified Bob of intent to initiate secure communication. B \rightarrow S: B, N_B, \_ :Bob generates a times stamp and a nonce, and sends this to the trusted Server. S \rightarrow A: \_, \_, N_B :The trusted Server generates a session key and a message for Alice to forward to Bob. :A \rightarrow B: \_, \_ Alice forwards the message and verifies N_A is the same that she generated earlier. Bob will verify T_B and N_B have not changed when he receives the message.


Subsequent communications

An advantage provided by this protocol is that Alice can utilize the trusted Server's message to initiate authentication with Bob within some predetermined time limit without utilizing the trusted Server. The protocol proceeds as follows using the same definitions as above. A \rightarrow B: \_, N'_A :Alice sends the message the trusted Server sent her previously when communication with Bob. B \rightarrow A: N'_B, \_ :Bob sends Alice a new nonce and her new nonce encrypted with session key that Alice resent from previous communication. A \rightarrow B: \_ :Alice returns Bob's nonce encrypted with the session key to allow him to verify the communication is successful.


Attack

Using the theorem prover
SPASS SPASS is an automated theorem prover for first-order logic with equality developed at the Max Planck Institute for Computer Science and using the superposition calculus. The name originally stood for ''Synergetic Prover Augmenting Superposition ...
it has been shown that this protocol can be attacked. This attack and two more from are outlined i


See also

* Kerberos (protocol), Kerberos *
Needham–Schroeder protocol The Needham–Schroeder protocol is one of the two key transport protocols intended for use over an insecure network, both proposed by Roger Needham and Michael Schroeder. These are: * The ''Needham–Schroeder Symmetric Key Protocol'', based on ...
*
Otway–Rees protocol The Otway–Rees protocol is a computer network authentication protocol designed for use on insecure networks (e.g. the Internet). It allows individuals communicating over such a network to prove their identity to each other while also preventi ...
* Yahalom *
Wide Mouth Frog protocol The Wide-Mouth Frog protocol is a computer network authentication protocol designed for use on insecure networks (the Internet for example). It allows individuals communicating over a network to prove their identity to each other while also prev ...


References

{{DEFAULTSORT:Neuman-Stubblebine protocol Cryptographic protocols Computer access control protocols