Computer Security and Cryptography by Alan G. Konheim

16.7 THE NEEDHAM–SCHROEDER KEY DISTRIBUTION PROTOCOL [NEEDHAM AND SCHROEDER, 1998]

This paper describes a protocol for a key server to generate and deliver a session key to the pair of users User_ID[A] and User_ID[B]. Two user-authentication issues arise when a common session key is used in a session User_ID[A] ↔ User_ID[B].

    A1. Is User_ID[A] really communicating with User_ID[B]?
    A2. Is User_ID[B] really communicating with User_ID[A]?

This paper considers two protocols: the first for users enciphering with a symmetric key cryptosystem, the second for users enciphering with a public key cryptosystem (PKC).

16.7.1 Needham–Schroeder Using a Symmetric Key Cryptosystem

The key server is assumed to securely store

  • The (secret) key K(ID[A]) of User_ID[A] with identifier ID[A], and
  • The (secret) key K(ID[B]) of User_ID[B] with identifier ID[B].

It is assumed that

  • Only the key server and a user have knowledge of the user's secret key, and
  • It is not feasible to decipher messages without the key.

16.7.2 The Key Server Generates and Delivers a Session Key KS for a User_ID[A] ↔ User_ID[B] Session

The key exchange process is composed of the following steps:

1a.   User_ID[A] contacts the key server and requests a session key KS be generated for a User_ID[A] ↔ User_ID[B] session (Fig. 16.8). The message REQ = (ID[A], ID[B], N[A]) is transmitted in the clear to the key server by User_ID[A] ...
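The sketch below is an added example, not code from the book. It runs the classic five-message form of the symmetric Needham–Schroeder exchange, starting from the cleartext REQ above and going beyond the single step shown here; the book's own later steps may lay the messages out differently. Assumptions: `seal`/`open_` are a stand-in cipher built from SHA-256 and HMAC, and all function and field names are hypothetical.

```python
import hashlib, hmac, json, secrets

def _stream(key, iv, n):
    # Keystream from SHA-256 in counter mode (stand-in for a real cipher).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + iv + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    """Encipher a JSON-serialisable object and append an HMAC tag."""
    pt = json.dumps(obj).encode()
    iv = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, iv, len(pt))))
    return (iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()).hex()

def open_(key, blob):
    """Decipher; fail if the key is wrong or the message was altered."""
    raw = bytes.fromhex(blob)
    iv, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, iv, len(ct)))))

def run_exchange(server_keys, key_a, key_b, id_a="ID[A]", id_b="ID[B]"):
    # 1. A -> server, in the clear: REQ = (ID[A], ID[B], nonce of A)
    n_a = secrets.randbits(64)
    req = (id_a, id_b, n_a)
    # 2. server -> A: KS plus a ticket for B, all sealed under K(ID[A])
    ks = secrets.token_hex(16)
    ticket = seal(server_keys[req[1]], {"ks": ks, "peer": req[0]})
    reply = seal(server_keys[req[0]],
                 {"n": req[2], "peer": req[1], "ks": ks, "ticket": ticket})
    got = open_(key_a, reply)
    if got["n"] != n_a or got["peer"] != id_b:  # reply must answer this REQ
        raise ValueError("reply does not match request")
    # 3. A -> B: the ticket; only the holder of K(ID[B]) can open it
    t = open_(key_b, got["ticket"])
    ks_a, ks_b = bytes.fromhex(got["ks"]), bytes.fromhex(t["ks"])
    # 4. B -> A: fresh nonce under KS.  5. A -> B: nonce - 1 under KS
    n_b = secrets.randbits(64)
    challenge = seal(ks_b, {"n": n_b})
    response = seal(ks_a, {"n": open_(ks_a, challenge)["n"] - 1})
    if open_(ks_b, response)["n"] != n_b - 1:
        raise ValueError("A did not prove knowledge of KS")
    return ks_a, ks_b, t["peer"]
```

The nonce check in step 2 and the handshake in steps 4 and 5 are what address questions A1 and A2: each side accepts KS only after the other has shown it can use a key that only it and the key server hold.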
