Neuman–Stubblebine protocol

The Neuman–Stubblebine protocol is a computer network authentication protocol designed for use on insecure networks (e.g., the Internet). It allows individuals communicating over such a network to prove their identity to each other. This protocol utilizes time stamps, but does not depend on synchronized clocks.

The protocol

If Alice (A) initiates the communication to Bob (B) with S is a server trusted by both parties, the protocol can be specified as follows using security protocol notation:

A \rightarrow B: A, N_A

Alice notified Bob of intent to initiate secure communication.

B \rightarrow S: B, N_B, \{A, N_A, T_B\}_{K_{BS}}

Bob generates a times stamp and a nonce, and sends this to the trusted Server.

S \rightarrow A: \{B, N_A, K_{AB}, T_B\}_{K_{AS}}, \{A, K_{AB}, T_B\}_{K_{BS}}, N_B

The trusted Server generates a session key and a message for Alice to forward to Bob.
A \rightarrow B: \{A, K_{AB}, T_B\}_{K_{BS}}, \{N_B\}_{K_{AB}}

Alice forwards the message and verifies N_A is the same that she generated earlier. Bob will verify T_B and N_B have not changed when he receives the message.

Subsequent communications

An advantage provided by this protocol is that Alice can utilize the trusted Server's message to initiate authentication with Bob within some predetermined time limit without utilizing the trusted Server. The protocol proceeds as follows using the same definitions as above.

A \rightarrow B: \{A, K_{AB}, T_B\}_{K_{BS}}, N'_A

Alice sends the message the trusted Server sent her previously when communication with Bob.

B \rightarrow A: N'_B, \{N'_A\}_{K_{AB}}

Bob sends Alice a new nonce and her new nonce encrypted with session key that Alice resent from previous communication.

A \rightarrow B: \{N'_B\}_{K_{AB}}

Alice returns Bob's nonce encrypted with the session key to allow him to verify the communication is successful.

Attack

Using the theorem prover SPASS it has been shown that this protocol can be attacked.[1] This attack and two more from [2] are outlined in .

See also

References

Schneier, Bruce (1996), Applied Cryptography, John Wiley & Sons, pp. 60–62, ISBN 0-471-12845-7 

  1. Weidenbach, Christoph (1999), Towards an Automatic Analysis of Security Protocols in First-Order Logic, Saarbrücken, Germany
  2. Hwang, Tzonelih; Lee, Narn-Yih; Li, Chuan-Ming; Ko, Ming-Yung; Chen, Yung-Hsiang (1994), "Two attacks on Neuman-Stubblebine authentication protocols", Information Processing Letters (Tainan, Taiwan) 53 (2): 103–107, doi:10.1016/0020-0190(95)00177-E
This article is issued from Wikipedia - version of the Tuesday, September 17, 2013. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.