Chapter 11. Security Handshake Pitfalls
and you’ll have to read on to find secure ways of continuing...
Security in communications almost always includes an initial authentication handshake, and sometimes, in addition, integrity protection and/or encryption of the data. Let’s assume Alice and Bob wish to communicate. In order to communicate, they need to know some information about themselves and about the other party. Some of this information is secret. Some usually isn’t, such as the names Alice and Bob.
In §9.3 Cryptographic Authentication Protocols we described some example security handshakes. Although they may seem straightforward, minor variants of secure protocols can have security holes. As a matter ...