Title :
What do we mean by entity authentication?
Author :
Gollmann, Dieter
Author_Institution :
Dept. of Comput. Sci., London Univ., Egham, UK
Abstract :
The design of authentication protocols has proven to be surprisingly error-prone. We suggest that this is partly due to a language problem. The objectives of entity authentication are usually given in terms of human encounters while we actually implement message passing protocols. We propose various translations of the high-level objectives into a language appropriate for communication protocols. In addition, protocols are often specified at too low a level of abstraction. We argue that encryption should not be used as a general primitive as it does not capture the specific purpose for using a cryptographic function in a particular protocol
Keywords :
cryptography; formal specification; message authentication; message passing; protocols; authentication protocol design; communication protocols; cryptographic function; encryption; entity authentication; high-level objectives; message passing protocols; protocol specification abstraction level; Authentication; Computer errors; Computer science; Cryptographic protocols; Guidelines; IEC standards; ISO standards; Logic; Message passing; Public key cryptography;
Conference_Titel :
Security and Privacy, 1996. Proceedings., 1996 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-7417-2
DOI :
10.1109/SECPRI.1996.502668
