.
AKEP 2
- MAC ( , ).
1) rai.
2) , rbi . - K, Hk (rbi, rai, A, B)= hk. { rbi, rai, A, B } .
3) { rbi, rai, A, B }, hk Hk (rbi, rai, A, B) hk = hk rbi = rbi, .
4) Hk (rbi)= hbk, K2 hbk .
SKID
- MAC , , K. :
1) r a ( SKID-2 64- ) .
2) rb ( SKID-2 64- ), K : Hk (rb, ra, B)= hbk, ID , : hbk, rb
3) Hk (rb, ra, B)= hbk hbk, . , hbk = hbk , .
SKID3 . (1) - (3) SKID2 SKID3 , , :
1) , Hk (rb, A)= hak hak, , ID .
2) Hk (rb, A)= hak , . hak = hak , .
Hk, K, -, SKID. , . .
" ".
. , , .
|
|
(, , -). , , , , , . , , , .
. , , , .
, , .
Wide-Mouth Frog
Wide-Mouth Frog [M. Burrows, M. Abadi, R. Nidham A Logic Autentification, M. Burrows, M. Abadi, R. Nidham Rejoiner to Nessett], . , , , . :
, , , .
. , , . .
, , , . , .
Wide-Mouth Frog
- MAC ( , ).
1) ki, t ai, Ka, Ea (ki, B, Ka,t ai)= c ai.
:
1) Ea.
2) c ai, Ka, Da (c ai)= { ki, B, t ai } Kb, t si, Eb (ki, B, Kb,t si)= c bi .
. , . , .
|
|
.
Yahalom
[M. Burrows, M. Abadi, R. Nidham A Logic Autentification, M. Burrows, M. Abadi, R. Nidham Rejoiner to Nessett]. , , .
:
, . , , , , . , , . , . . , , (1). . , . , . , , .
1) r ai , { B, r ai }.
2) r bi Eb (A, B, Kb, r bi, r ai)= c bi c bi .
3) k i :
1. Eb (ki, A, Kb)= c s1i
2. Ea (ki, B, Ka, r bi, r ai)= c s2i
1) { cs2i , c s1 i } A.
2) c s2 i, Da (Ka, c s2 i)={ ki, B,Ka, r b i, r a i } r a i = r a, k i, Ek (ki, r b i)= c abi { cabi, c s1 i }.
3) c s1 i, Db (c s1 i)={ ki, A } ki cabi, Dk (c abi)= r b i r b i =r b i.
. .
, . , .
.
Needham-Schroeder
, [R. M. Needham, M. D. Schroeder Using Encryption of Autentifications in Large Networks of Computers], .
, , . , , . , , . , . . , , 1. , . . , . . r B-1 . . r B-1.
|
|
1) { A,B, r a } .
2) k i, k b Ek (kb , ki, A)= c bi { r a,B, ki,, c bi }. ka Ek (kb, r a,B, ki, c bi)= c ai.
3) c ai Dk (c ai)={ r a,B, ki, c bi } r a =r a. c bi.
4) c bi k b Dk (c bi)={ ki, A }. r b ki, Ek (ki, r b)= c b2 i .
5) Dk (c b2 i)= { ki, r b }, (r b -1) ki, Ek (r b -1)= c b3 i, c b3 i .
6) c b3 i, Ek (c b3 i)= (r b -1) r b -1.
, . , , . (2) . .
.
Otway-Rees
[D. Otway O. Rees Efficient and Timely Manual Autentification], :
, I, , . , . :
{I, A, B Ek(kat, RA, I, A, B)}
, , , . , .
, , : {I, A, B, Ek(kat, RA, I, A, B), Ek(kab, RB, I, A, B)}
ki,. . , , , . , , , . : {I, Ek(kat, RA, ki), EB(kbt,RB, ki)}
, , : {I, Ek(kab, ki, RA)}.
, . , .
|
|
:
1) Ek(kat, RA, I, A, B)= c ai.
2) Ek(kbt, RB, I, A, B) =c bi
3) .
:
1) {I, A, B, c ai } .
2) c bi {I, A, B, c bi } .
3) , Dk(kat, c ai) = {RA, I, A, B}, Dk(kbt, c bi) = {RB, I, A, B}, Ek(kbt, RB, ki) =s bi, Ek(kat, RA, ki) =s ai {s ai,I}, {s bi,I} .
4) , Dk(s bi) ={RB, ki }, RB RB = RB {s ai,I}, .
5) {s ai,I}, Dk(s ai) ={RA, ki }, R = R.
, , .
Neuman-Stubblebine
, Yahalom, [A. Kehne, J.Schonwalder, H. Langendofer A Nonce-Based Protocol for Multiple Autentifications ] [B.C. Ncuman S. Stubblebine A Note on the Use Timestamps as Nonces].
, . , , , . , . . , , , , . , , ,
. . , , , , (1). . , . - , . , , , (2).
1) RA RA .
2) ti, RB, Ek(kbt, RA, ti )= c bi . { c bi, B,RB }, .
3) , ki, Ek(kat, A, ki, ti )= c b2 i, Ek(kbt, B, ki,, RA, ti )= c a2 i. { c a2 i, c b2 i,B} .
4) Dk(kat, c a2 i )= { B, RA, ti ki }, ki, RA = RA. Ek(ki, ti,RB)= c a3 i. { c a3 i, c b2 i }
5) { c a3 i, c b2 i }, Dk(c b2 i )= { A, ki, RA, ti } ki, Dk(c a3 i ) = { tia,RB } RB = RB.
, . , , , .