Authentication Protocols

An important application area is that of mutual authentication protocols. Such protocols enable communicating parties to satisfy themselves mutually about each other's identity and to exchange session keys.

Central to the problem of authenticated key exchange are two issues: confidentiality and timeliness. To prevent masquerade and to prevent compromise of session keys, essential identification and session key information must be communicated in encrypted form. This requires the prior existence of secret or public keys that can be used for this purpose. The second issue, timeliness, is important because of the threat of message replays. Such replays, at worst, could allow an opponent to compromise a session key or successfully impersonate another party. At minimum, a successful replay can disrupt operations by presenting parties with messages that appear genuine but are not.

These are some examples of replay attacks. Simple replay: the opponent simply copies a message and replays it later. Repetition that cannot be detected: this situation could arise because the original message could have been suppressed and thus did not arrive at its destination, but a replay message can arrive. Repetition replay without modification: this is a replay back to the message sender. This attack is possible if symmetric encryption is used and the sender cannot easily recognize the difference between messages sent and messages received on the basis of content.

One approach to coping with replay attacks is to attach a sequence number to each message used in an authentication exchange. A new message is accepted only if its sequence number is in the proper order. The difficulty with this approach is that it requires each party to keep track of the last sequence number for each claimant it has dealt with. Because of this overhead, sequence numbers are generally not used for authentication and key exchange. Instead, one of the following two general approaches is used: time stamps and challenge/response. Time stamps: Party A accepts a message as fresh only if the message contains a time stamp that, in A's judgment, is close enough to A's knowledge of current time. This approach requires that clocks among the various participants be synchronized.

Challenge/response: Party A, expecting a fresh message from B, first sends B a nonce and requires that the subsequent message received from B contain the correct nonce value.
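
The two freshness checks described above, as an added Python example that is not part of the original article. The HMAC construction, the shared key, the 30-second window and all function and class names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

KEY = b"constructed-demo-key"   # constructed sample key, shared by A and B
MAX_SKEW = 30                   # assumed acceptance window, in seconds

def mac(key, *fields):
    """HMAC-SHA256 over length-prefixed fields (avoids ambiguous joins)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return h.digest()

# Time stamp approach: B stamps the message, A compares with its own clock.
def make_timestamped(key, payload, now):
    ts = str(int(now)).encode()
    return payload, ts, mac(key, b"ts", payload, ts)

def accept_timestamped(key, msg, now):
    payload, ts, tag = msg
    if not hmac.compare_digest(tag, mac(key, b"ts", payload, ts)):
        return False                     # forged or modified message
    return abs(now - int(ts)) <= MAX_SKEW

# Challenge/response: A issues a nonce, B must bind its message to it.
class PartyA:
    def __init__(self, key):
        self.key, self.pending = key, set()

    def challenge(self):
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce

    def accept(self, nonce, payload, tag):
        if nonce not in self.pending:
            return False                 # unknown or already-used nonce
        self.pending.discard(nonce)      # each nonce is good for one message
        return hmac.compare_digest(tag, mac(self.key, b"cr", nonce, payload))

def demo():
    t0, payload = 1_700_000_000, b"session key request"
    msg = make_timestamped(KEY, payload, t0)
    a = PartyA(KEY)
    nonce = a.challenge()
    tag = mac(KEY, b"cr", nonce, payload)    # B's response to the challenge
    return {
        "ts_fresh": accept_timestamped(KEY, msg, t0 + 5),
        "ts_replay_in_window": accept_timestamped(KEY, msg, t0 + 20),
        "ts_replay_late": accept_timestamped(KEY, msg, t0 + 120),
        "cr_first": a.accept(nonce, payload, tag),
        "cr_replay": a.accept(nonce, payload, tag),
    }
```

The time stamp check still accepts a copy replayed inside the acceptance window, while the nonce check rejects any second use of the same response.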

The time stamp approach should not be used for connection-oriented applications because of the inherent difficulties with this technique.

Article Source: ArticlesBase.com - Authentication Protocols