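This page is an excerpt and archive of the corresponding thread on MITBBS (未名空间). Posts less than a week old show at most 50 characters; posts older than a week show 500 characters.
Security board - authentication and secret key establishment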
c*****o
Posts: 6
1
I have a client/server application that needs to communicate securely. The client
needs to input username/passwd to access the server and the client knows the
public key of the server (Ku). My two-way authentication and secret key
establishment protocol is as follows:
1. The client sends Ku(username||passwd||N1) to the server. N1 is a random
number generated by the client in this session.
2. The server decrypts the message using the private key and verifies the
username/passwd by consulting a database.
c*****a
Posts: 1577
2
What about a replay attack?
N1 seems redundant and insecure here. You may refer to Kerberos for session key
and ticket issuing.

[Quoting c*****o:]
: I have a client/server application that needs to communicate securely. The client
: needs to input username/passwd to access the server and the client knows the
: public key of the server (Ku). My two-way authentication and secret key
: establishment protocol is as follows:
: 1. The client sends Ku(username||passwd||N1) to the server. N1 is a random
: number generated by the client in this session.
: 2. The server decrypts the message using the private key and verifies the
: username/passwd by consulting a database.

c*****o
Posts: 6
3
N1 is against replay attack because it's a random number each time. Also it's
used to authenticate the server since only the server can decrypt the first
package containing N1.
Kerberos is too complex for this simple case, that's why I design this
protocol.

[Quoting c*****a:]
: What about a replay attack?
: N1 seems redundant and insecure here. You may refer to Kerberos for session key
: and ticket issuing.
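
An added example, not part of the thread or any poster's code: it models only steps 1 and 2 as quoted and shows that a recorded message 1 is rejected on resend only when the server remembers which N1 values it has already accepted. The names (`Server`, `handle_message1`, `USERS`), the JSON encoding, the credential store and the omission of the Ku(...) layer are assumptions made for the illustration.

```python
import hashlib, hmac, json, secrets

def _hash(pw, salt):
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 10_000)

# Constructed credential store (not from the post): username -> (salt, hash).
SALT = b"constructed-salt"
USERS = {"alice": (SALT, _hash("correct horse", SALT))}

def client_message1(username, passwd):
    """Step 1: username||passwd||N1. Ku(...) is omitted (assumption): a replayed
    ciphertext is resent byte for byte, so the encryption layer does not change
    what the server sees on the second delivery."""
    n1 = secrets.token_hex(16)  # fresh random N1 per session
    return json.dumps({"u": username, "p": passwd, "n1": n1}).encode()

class Server:
    def __init__(self, remember_nonces):
        self.remember_nonces = remember_nonces
        self.seen = set()  # (username, N1) pairs already accepted

    def handle_message1(self, blob):
        """Step 2: open the message, verify the password, then check N1."""
        msg = json.loads(blob)
        salt, stored = USERS.get(msg["u"], (SALT, b""))
        if not hmac.compare_digest(_hash(msg["p"], salt), stored):
            return "bad-credentials"
        if self.remember_nonces:
            key = (msg["u"], msg["n1"])
            if key in self.seen:
                return "replay-rejected"
            self.seen.add(key)
        return "accepted"

def demo():
    captured = client_message1("alice", "correct horse")  # recorded on the wire
    stateless, stateful = Server(False), Server(True)
    return {
        "stateless": [stateless.handle_message1(captured) for _ in range(2)],
        "stateful": [stateful.handle_message1(captured) for _ in range(2)],
        "fresh_session": stateful.handle_message1(
            client_message1("alice", "correct horse")),
    }

if __name__ == "__main__":
    print(demo())
```

The `seen` set grows without bound here; a deployed server would need to bound it, for example by expiring entries or by having the server contribute its own fresh challenge.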
