This page was last modified on 2 June 2016, at 21:41.
This name is used for both symmetrical (using a trusted third party) and asymmetrical schemes of authentication and session key generation. They were invented by M.Schroeder and R.Needham in 1978.
This protocol is used for a mutual authentication and shared secret key generation for establishing a secure connection with the use of trusted third party. Later this protocol became a base for a range of symmetric authentication protocols, in particular Kerberos.
The protocol is used by two users and and a trusted party (Key Generator Center), which has shared symmetric keys with users ( and respectively).
- sends a plaintext information about the requested connection to the trusted party: his ID, 's ID and a random number :
- generates a session key and forms a package for , which contains the random , generated by , 's IS, session key and a package for : a session key and 's ID, encrypted with . KDC encrypt the whole package with a key, shared between him and and sends it to :
- decrypts the package and checks and 's ID. This makes impossible for malefactor to spoof or impersonate , by changing the recepient ID in 's first message. Then resends to his part of the package:
- Having decrypted the message, discovers the session key and interlocutor's ID. After that the checking happens: generates a random and sends it, encrypted with a session key, to :
- decrypts a message and sends to the confirmation of the successful session establishment: , decreased by 1 and encrypted with the session key:
This protocol version uses asymmetric cryptography, which means that shared secrets between users and a trusted third party are not needed. It allows users to discover each others's public keys and perform a mutual authentication of each other and the third party.
Two users participate the process: and also a trusted key generator center: . All of them have public/private key pairs: respectively. knows public keys of the users and users know 's public key.
- sends a request for establishing a secure messaging channel with :
- sends to a message with 's public key and 's ID, signed with his digital signature (encrypted with a secret key):
- verifies (by decrypting the message with 's public key) and gets public key. After that forms a package for : 's ID and a random number , encrypts it with 's public key and sends to :
- decrypts the package and finds out 's desire to start communication. Then makes a similar request for 's public key:
- sends to a signed 's public key:
- Now all the participants know public keys of each other. They need to authenticate and make sure that the connection is set up correctly. generates a random number and sends it and , he got earlier, to in encrypted form:
- decrypts 's package and checks . If everything is all right, encrypts with 's public key and sends back to :
В. Мао Современная криптография: теория и практика. — "Вильямс", 2005. — С.76-84 — ISBN 5-8459-0847-7
Roger M. Needham, Michael D. Schroeder Using encryption for authentication in large networks of computers. — Commun. ACM. — New York, NY, USA: ACM, 1978. — Vol. 21, fasc. 12. — P. 993—999.
Bruce Schneier Applied Cryptography. — Wiley, 1996. — pp. 47 et seq. — ISBN 978-0-471-11709-4.