Woo–Lam

In cryptography, Woo–Lam refers to various computer network authentication protocols designed by Simon S. Lam and Thomas Woo.^[1]^[2] The protocols enable two communicating parties to authenticate each other's identity and to exchange session keys, and involve the use of a trusted key distribution center (KDC) to negotiate between the parties. Both symmetric-key and public-key variants have been described. However, the protocols suffer from various security flaws, and in part have been described as being inefficient compared to alternative authentication protocols.^[3]

Public-key protocol

Notation

The following notation is used to describe the algorithm:

A,B

- network nodes.

KU_x

- public key of node

x

.

KR_x

- private key of

x

.

N_x

- nonce chosen by

x

.

ID_x

- unique identifier of

x

.

E_k

- public-key encryption using key

k

.

S_k

- digital signature using key

k

.

K

- random session key chosen by the KDC.

||

- concatenation.

It is assumed that all parties know the KDC's public key.

Message exchange

1) A \rightarrow KDC : ID_A || ID_B

2) KDC \rightarrow A : S_{KR_{KDC}}[ID_B||KU_B]

3) A \rightarrow B : E_{KU_B}[N_A||ID_A]

4) B \rightarrow KDC: ID_B||ID_A||E_{KU_{KDC}}[N_A]

5) KDC \rightarrow B : S_{KR_{KDC}}[ID_A||KU_A]||E_{KU_B}[S_{KR_{KDC}}[N_A||K||ID_B||ID_A]]

6) B \rightarrow A : E_{KU_A}[S_{KR_{KDC}}[N_A || K ] || N_B]

7) A \rightarrow B : E_{K}[N_B]

The original version of the protocol^[4] had the identifier $ID_A$ omitted from lines 5 and 6, which did not account for the fact that $N_A$ is unique only among nonces generated by A and not by other parties. The protocol was revised after the authors themselves spotted a flaw in the algorithm.^[1]^[3]

References

↑ ^1.0 ^1.1 Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ ^3.0 ^3.1 Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

[woo-lam-2-1] 1.0 ^1.1 Lua error in package.lua at line 80: module 'strict' not found.

[boyd-mathuria-2] Lua error in package.lua at line 80: module 'strict' not found.

[stallings-3] 3.0 ^3.1 Lua error in package.lua at line 80: module 'strict' not found.

[woo-lam-1-4] Lua error in package.lua at line 80: module 'strict' not found.

[1]

[2]

[3]

[4]

Woo–Lam

Contents

Public-key protocol

Notation

Message exchange

See also

References

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools