11. Security Handshake Pitfalls

Knock Knock!Who's there?Alice.Alice who?

and you'll have to read on to find secure ways of continuing...

Security in communications almost always includes an initial authentication handshake, and sometimes, in addition, integrity protection and/or encryption of the data. Let's assume Alice and Bob wish to communicate. In order to communicate, they need to know some information about themselves and about the other party. Some of this information is secret. Some usually isn't, such as the names Alice and Bob.

In §9.3 Cryptographic Authentication Protocols we described some example security handshakes. Although they may seem straightforward, minor variants of secure protocols can have security holes. As a matter of ...

Get Network Security: Private Communication in a Public World, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.