Example - Needham-Schroeder

• The Needham- Schroeder symmetric-key protocol [NS78]

  A -> S: A, B, Na
  
  S -> A: {Na, B, Kc, {Kc, A}Kb }Ka
  A -> B: {Kc, A}Kb
  B -> A: {Nb}Kc
  A -> B: {Nb-1}Kc

• A, B are “principals;” S is a trusted key server

• Ka, Kb are secret keys shared with S

• {X, Y}K means: X concatenated with Y, encrypted with K

• Na, Nb are “nonces;” fresh (not used before)

• Kc is a fresh connection key

Previous slide

Next slide

Back to first slide

View graphic version