Wide Mouth Frog protocol

The Wide-Mouth Frog protocol[1] is a computer network authentication protocol designed for use on insecure networks (the Internet, for example). It lets a principal A establish a fresh session key with a principal B through a trusted server S, where A and B each share a long-term symmetric key with S but not with each other. Freshness comes from timestamps rather than nonces, so the protocol needs only two messages; the encryption under the long-term keys is what prevents eavesdropping and replay and allows modification to be detected. The beliefs each party can justifiably hold after the exchange can be derived using BAN logic.

The protocol was first described under the name "The Wide-mouthed-frog Protocol" in the paper "A Logic of Authentication" (1990), which introduced Burrows–Abadi–Needham logic, and in which it was an "unpublished protocol ... proposed by" coauthor Michael Burrows.[2] The paper gives no rationale for the protocol's whimsical name.

The protocol can be specified as follows in security protocol notation:[1][2][3]

A → S: A, {T_A, B, K_AB}_{K_AS}
S → B: {T_S, A, K_AB}_{K_BS}

Here K_AS and K_BS are the long-term keys A and B share with S, K_AB is the session key (chosen by A), T_A and T_S are timestamps taken from A's and S's clocks, and {X}_K denotes X encrypted under K. In the first message A sends its own name in the clear so that S knows which long-term key to use; S checks that T_A is recent, then re-encrypts the session key for B under K_BS with a timestamp of its own, and B in turn checks that T_S is recent before accepting K_AB.

Note that the braces alone say nothing about integrity: to prevent active attacks, some form of authenticated encryption (or a separate message authentication code) must be used, otherwise an attacker can alter the encrypted fields without detection.
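The two-message exchange above, implemented with both sides' checks, as an added example that is not part of the original article or of any published implementation. Everything the notation leaves open is an assumption made here: AES-128-GCM stands in for {...}_K, the braced fields are serialised in a simple fixed wire format, the key table serverKeys is constructed for the example, and each ciphertext carries its message number and intended recipient as GCM associated data so that the second message cannot be fed back to S as if it were a first message from B. The function and label names (aliceRequest, serverForward, bobAccept, unwrap, "WMF1:", "WMF2:") are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"time"
)

// Long-term keys shared with the trusted server S (constructed for the example).
var serverKeys = map[string][]byte{
	"A": []byte("KAS-0123456789AB"), // K_AS
	"B": []byte("KBS-0123456789AB"), // K_BS
}

// Payload is the plaintext inside the braces of either message.
type Payload struct {
	T    time.Time // T_A in message 1, T_S in message 2
	Name string    // B in message 1, A in message 2
	Kab  []byte    // 16-byte session key K_AB, chosen by A
}

// Wire format (an assumption): 8-byte big-endian Unix time | name length | name | 16-byte key.
func encodePayload(p Payload) []byte {
	out := make([]byte, 8)
	binary.BigEndian.PutUint64(out, uint64(p.T.Unix()))
	out = append(append(out, byte(len(p.Name))), p.Name...)
	return append(out, p.Kab...)
}

func decodePayload(b []byte) (Payload, error) {
	if len(b) < 9 || len(b) != 9+int(b[8])+16 {
		return Payload{}, errors.New("malformed payload")
	}
	n := 9 + int(b[8])
	t := time.Unix(int64(binary.BigEndian.Uint64(b[:8])), 0)
	return Payload{T: t, Name: string(b[9:n]), Kab: append([]byte{}, b[n:]...)}, nil
}

// AES-128-GCM stands in for {...}_K: the protocol only requires authenticated
// encryption, so the choice of GCM is this example's assumption.
func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key) // fails only on a bad key length
	if err != nil {
		panic(err)
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return aead
}

// seal prefixes a random nonce and authenticates ad (message number plus
// recipient), so message 2 cannot be replayed to S as a message 1 from B.
func seal(key []byte, ad string, pt []byte) []byte {
	aead := gcm(key)
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return aead.Seal(nonce, nonce, pt, []byte(ad))
}

// unwrap is the receiver-side check both S and B perform: decrypt under the
// principal's long-term key with the expected label, parse, and reject any
// timestamp outside +/- window of the local clock.
func unwrap(principal, ad string, msg []byte, now time.Time, window time.Duration) (Payload, error) {
	key, ok := serverKeys[principal]
	if !ok {
		return Payload{}, errors.New("unknown principal " + principal)
	}
	aead := gcm(key)
	if len(msg) < aead.NonceSize() {
		return Payload{}, errors.New("message too short")
	}
	pt, err := aead.Open(nil, msg[:aead.NonceSize()], msg[aead.NonceSize():], []byte(ad))
	if err != nil {
		return Payload{}, err
	}
	p, err := decodePayload(pt)
	if err != nil {
		return Payload{}, err
	}
	if d := now.Sub(p.T); d > window || d < -window {
		return Payload{}, errors.New("stale timestamp")
	}
	return p, nil
}

// Message 1, A -> S: A, {T_A, B, K_AB}_{K_AS}. A's name goes in the clear.
func aliceRequest(from, to string, kab []byte, now time.Time) []byte {
	return seal(serverKeys[from], "WMF1:"+from, encodePayload(Payload{now, to, kab}))
}

// Message 2, S -> B: {T_S, A, K_AB}_{K_BS}. S checks T_A, then re-stamps with its own clock.
func serverForward(from string, body []byte, now time.Time, window time.Duration) ([]byte, error) {
	p, err := unwrap(from, "WMF1:"+from, body, now, window)
	if err != nil {
		return nil, err
	}
	kbs, ok := serverKeys[p.Name]
	if !ok {
		return nil, errors.New("unknown recipient " + p.Name)
	}
	return seal(kbs, "WMF2:"+p.Name, encodePayload(Payload{now, from, p.Kab})), nil
}

// B accepts K_AB only if message 2 verifies under K_BS and T_S is fresh.
func bobAccept(me string, msg []byte, now time.Time, window time.Duration) (Payload, error) {
	return unwrap(me, "WMF2:"+me, msg, now, window)
}
```

Two practical points fall out of running it. First, the freshness window is the only replay defence the protocol has: a captured message 1 is accepted again by S for as long as T_A is within the window, and the same holds for message 2 at B, so the window should be as tight as clock synchronisation allows. Second, the associated-data labels are not part of the protocol as written; without them the two messages have the same shape, and this example adds the labels as a hardening so that a ciphertext cannot be re-used in the other direction.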

The protocol has several problems:

References

  1. Schneier, Bruce (1996). Applied Cryptography, 2e. Wiley. pp. 56 et seq. ISBN 978-0-471-11709-4.
  2. Burrows, Abadi, and Needham. "A Logic of Authentication". ACM Transactions on Computer Systems 8 (1990), pp. 18–36.
  3. Wide Mouthed Frog, Security Protocols Open Repository
This article is issued from Wikipedia - version of the Tuesday, April 19, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.