Woo–Lam

In cryptography, Woo–Lam refers to various computer network authentication protocols designed by Simon S. Lam and Thomas Woo.^[1]^[2] The protocols enable two communicating parties to authenticate each other's identity and to exchange session keys, and involve the use of a trusted key distribution center (KDC) to negotiate between the parties. Both symmetric-key and public-key variants have been described. However, the protocols suffer from various security flaws, and in part have been described as being inefficient compared to alternative authentication protocols.^[3]

Public-key protocol[edit]

Notation[edit]

The following notation is used to describe the algorithm:

A,B

- network nodes.

KU_{x}

- public key of node

x

.

KR_{x}

- private key of

x

.

N_{x}

- nonce chosen by

x

.

ID_{x}

- unique identifier of

x

.

E_{k}

- public-key encryption using key

k

.

S_{k}

- digital signature using key

k

.

K

- random session key chosen by the KDC.

||

- concatenation.

It is assumed that all parties know the KDC's public key.

Message exchange[edit]

1)A\rightarrow KDC:ID_{A}||ID_{B}

2)KDC\rightarrow A:S_{KR_{KDC}}[ID_{B}||KU_{B}]

3)A\rightarrow B:E_{KU_{B}}[N_{A}||ID_{A}]

4)B\rightarrow KDC:ID_{B}||ID_{A}||E_{KU_{KDC}}[N_{A}]

5)KDC\rightarrow B:S_{KR_{KDC}}[ID_{A}||KU_{A}]||E_{KU_{B}}[S_{KR_{KDC}}[N_{A}||K||ID_{B}||ID_{A}]]

6)B\rightarrow A:E_{KU_{A}}[S_{KR_{KDC}}[N_{A}||K]||N_{B}]

7)A\rightarrow B:E_{K}[N_{B}]

The original version of the protocol^[4] had the identifier $ID_{A}$ omitted from lines 5 and 6, which did not account for the fact that $N_{A}$ is unique only among nonces generated by A and not by other parties. The protocol was revised after the authors themselves spotted a flaw in the algorithm.^[1]^[3]

References[edit]

^ ^a ^b T.Y.C. Woo; S.S. Lam (March 1992). "Authentication Revisited". Computer. 25 (3): 10. doi:10.1109/2.121502.
^ Colin Boyd; Anish Mathuria (2003). Protocols for authentication and key establishment. Springer. p. 78 and 99. ISBN 978-3-540-43107-7.
^ ^a ^b Stallings, William (2005). Cryptography and Network Security Principles and Practices, Fourth Edition. Prentice Hall. p. 387. ISBN 978-0-13-187316-2.
^ Thomas Y.C. Woo; Simon S. Lam (January 1992). "Authentication for Distributed Systems". Computer. 25 (1): 39–52. CiteSeerX 10.1.1.38.9374. doi:10.1109/2.108052.

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

[woo-lam-2-1] T.Y.C. Woo; S.S. Lam (March 1992). "Authentication Revisited". Computer. 25 (3): 10. doi:10.1109/2.121502.

[boyd-mathuria-2] Colin Boyd; Anish Mathuria (2003). Protocols for authentication and key establishment. Springer. p. 78 and 99. ISBN 978-3-540-43107-7.

[stallings-3] Stallings, William (2005). Cryptography and Network Security Principles and Practices, Fourth Edition. Prentice Hall. p. 387. ISBN 978-0-13-187316-2.

[woo-lam-1-4] Thomas Y.C. Woo; Simon S. Lam (January 1992). "Authentication for Distributed Systems". Computer. 25 (1): 39–52. CiteSeerX 10.1.1.38.9374. doi:10.1109/2.108052.

[1]

[2]

[3]

[4]

v t e Authentication
Authentication APIs	BSD Authentication (BSD Auth) eAuthentication (eAuth) Generic Security Services API (GSSAPI) Java Authentication and Authorization Service (JAAS) Pluggable Authentication Modules (PAM) Simple Authentication and Security Layer (SASL) Security Support Provider Interface (SSPI) XCert Universal Database API (XUDA)
Authentication protocols	ACF2 Authentication and Key Agreement (AKA) CAVE-based authentication Challenge-Handshake Authentication Protocol (CHAP) MS-CHAP Central Authentication Service (CAS) CRAM-MD5 Diameter Extensible Authentication Protocol (EAP) Host Identity Protocol (HIP) IndieAuth Kerberos LAN Manager NT LAN Manager (NTLM) OAuth OpenID OpenID Connect (OIDC) Password-authenticated key agreement protocols Password Authentication Protocol (PAP) Protected Extensible Authentication Protocol (PEAP) Remote Access Dial In User Service (RADIUS) Resource Access Control Facility (RACF) Secure Remote Password protocol (SRP) TACACS Woo–Lam
Category Commons

Public-key protocol[edit]

Notation[edit]

Message exchange[edit]

See also[edit]

References[edit]