1.1. Authentication Concepts

According to the dictionary, the word "authentic" refers to something that is not false or a fake imitation, but is worthy of acceptance as a truth or a fact. From the times of early civilizations, when people ran 26 miles only to deliver a message and then fell over and died, to today, when information can travel across the globe in fractions of a minute with a mouse click, proof of authenticity is the first thing the receiver of a message checks.

Authentication consists of two acts: first, the act of providing proof of authenticity for the information that is being delivered or stored, and second, the act of verifying the proof of authenticity for the information that is being received or retrieved. In the early ages, an emperor would use his personal seal on his letters to provide assurance of the authenticity of the letter. The letter could then be carried by any messenger, whose identity was not important. The local lord would recognize the emperor's seal and trust the authenticity of the letter. He would break the seal, read the letter, and start an attack or collect taxes accordingly. In the days of digital information delivery, delivering proof of authenticity is equally important but poses its own challenges, as we will see.

The message delivery example above presents one type of authentication problem, where the authenticity of the information is important while the identity of the messenger is not. However, in most cases, the identity of ...

Get AAA and Network Security for Mobile Access: Radius, Diameter, EAP, PKI and IP Mobility now with the O’Reilly learning platform.
