Chapter 11. Security Handshake Pitfalls

Knock Knock!

Who’s there?

Alice.

Alice who?

and you’ll have to read on to find secure ways of continuing...

Security in communications almost always includes an initial authentication handshake, and sometimes, in addition, integrity protection and/or encryption of the data. Let’s assume Alice and Bob wish to communicate. In order to communicate, they need to know some information about themselves and about the other party. Some of this information is secret. Some usually isn’t, such as the names Alice and Bob.

In §9.3 Cryptographic Authentication Protocols we described some example security handshakes. Although they may seem straightforward, minor variants of secure protocols can have security holes. As a matter ...

Get Network Security: Private Communication in a Public World, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.