Navigation
  • Home
  • Recent
  • Most Active
  • Popular
  • Blog
  • Credits
  • RSS
    		•
      Interaction
  • Register
  • Statistics
    		•
      Help
  • Suggestions
  • Contact Us
  • How to Edit
  • Help
    		•



    [Edit]


    The Otway-Rees protocol is a computer network authentication protocol designed for use on insecure networks (eg. the Internet). It allows individuals communicating over such a network to prove their identity to each other while also preventing eavesdropping or replay attacks and allowing for the detection of modification.
    The protocol can be specified as follows in security protocol notation, where Alice is authenticating herself to Bob using a server S:

    1. A
    ightarrow B: M,A,B,_

    2. B
    ightarrow S: M,A,B,_,_

    3. S
    ightarrow B: M,_,_

    4. B
    ightarrow A: M,_

    One problem with this protocol is that a malicious intruder can arrange for A and B to end up with different keys. Here is how. After A and B execute the first three messages, B has received the key K_. The intruder then intercepts the fourth message. S/he resends message 2, which results in S generating a new key K'_, subsequently sent to B. The intruder intercepts this message too, but sends to A the part of it that B would have sent to A. So now A has finally received the expected fourth message, but with K'_ instead of K_.

    Another problem is that although the server tells B that A used a nonce, B doesn't know if this was a replay of an old message.

        Otway-Rees protocol
            See also

    top

    See also





     
    Search more:
     

       
    Source Privacy License Download Contact Us Atlas
    Scientus.org Dictionary (Yet Another Wiki) RC : 1.39
    This article is licensed under the GNU Free Documentation License [copyleft]. It uses material from the Wikipedia article "Otway-Rees protocol". link