This article includes a list of references, related reading or external links, but its sources remain unclear because it lacks inline citations. (June 2013) (Learn how and when to remove this template message)
Yahalom is an authentication and secure key-sharing protocol designed for use on an insecure network such as the Internet. Yahalom uses a trusted arbitrator to distribute a shared key between two people. This protocol can be considered as an improved version of Wide Mouth Frog protocol (with additional protection against man-in-the-middle attack), but less secure than the Needham–Schroeder protocol.
- A and B are identities of Alice and Bob respectively
- is a symmetric key known only to A and S
- is a symmetric key known only to B and S
- and are nonces generated by A and B respectively
- is a symmetric, generated key, which will be the session key of the session between A and B
- Alice sends a message to Bob requesting communication.
- Bob sends a message to the Server encrypted under .
- The Server sends to Alice a message containing the generated session key and a message to be forwarded to Bob.
- Alice forwards the message to Bob and verifies has not changed. Bob will verify has not changed when he receives the message.
- Schneier, Bruce (1996). Applied Cryptography. John Wiley & Sons. pp. 57–58. ISBN 0-471-12845-7.
- M. Burrows, M. Abadi, R. Needham A Logic of Authentication, Research Report 39, Digital Equipment Corp. Systems Research Center, Feb. 1989
- M. Burrows, M. Abadi, R. Needham A Logic of Authentication. ACM Transactions on Computer Systems, v. 8, n. 1, Feb. 1990, pp. 18—36
|This cryptography-related article is a stub. You can help Wikipedia by expanding it.|