Chapter 9

Simple Authentication Protocols

“I quite agree with you,” said the Duchess; “and the moral of that is—‘Be what you would seem to be’—or, if you’d like it put more simply—‘Never imagine yourself not to be otherwise than what it might appear to others that what you were or might have been was not otherwise than what you had been would have appeared to them to be otherwise.’”

—Lewis Carroll, Alice in Wonderland

Seek simplicity, and distrust it.

—Alfred North Whitehead

9.1 Introduction

Protocols are the rules that are followed in some particular interaction. For example, there is a protocol that you follow if you want to ask a question in class, and it goes something like this:

1. You raise your hand.

2. The teacher calls on you.

3. You ask your question.

4. The teacher says, “I don’t know.”

There are a vast number of human protocols, some of which can be very intricate, with numerous special cases to consider.

In the context of networking, protocols are the rules followed in networked communication systems. Examples of formal networking protocols include HTTP, FTP, TCP, UDP, PPP, and there are many, many more. In fact, the study of networks is largely the study of networking protocols.

Security protocols are the communication rules followed in security applications. In Chapter 10 we’ll look closely at several real-world security protocols including SSH, SSL, IPSec, WEP, and Kerberos. In this chapter, we’ll consider simplified authentication protocols so that we can better ...
