Chapter 9 Simple Authentication protocol

Authentication protocols: 
bulletPasswords can not go in the clear.  The password needs hashing
bulletA replay should not be possible Use "number once"

Authentication using symmetric keys:

bulletInstead of hashing, symmetric keys are used

Authentication using public keys:

bulletWhat ever we can do with symmetric keys, we can do with public keys

Session keys: Key for confidentiality or integrity protection or both for the current session.

bulletStill needs authentication

Perfect forward secrecy  PFS:

bulletUsing a session key so that the mutual key can  not be used in the future for Trudy to decrypt a recorded messages.


bulletCan be used in place of a nounce
bulletSaves messages going back and forth, exchaning nonces