[manual index][section index]

NAME

auth - authentication using station-to-station protocol

DESCRIPTION

The following protocol, based on the Station-to-Station protocol, is used for mutual authentication of two parties, each possessing a certificate from the same certifying authority (CA).

In the description below:


alpha
is a Diffie-Hellman base used system wide
p
is a Diffie-Hellman modulus used system wide
Rx
is a random number of the same order as p.
PKx
the public key of x
SKx
the private key of x
CERTx
the public key of x signed by the certifying authority
sign(x)
represents x signed with n's private key

In the following, the parties are labelled 0 and 1.

Each sends its public key and certificate to the other together with a computation alpha**r0 mod p (alpha**r1 mod p) based on the Diffie-Hellman parameters contained in the certificate:

0 -> 1  alpha**r0 mod p, CERTu0, PKu0
1 -> 0  alpha**r1 mod p, CERTu1, PKu1

Each can now use the CA's public key and the certificate received to check that each has the other's public key.

Finally, each user signs values known to both that each can then verify:

0 -> 1  sig0(alpha**r0 mod p, alpha**r1 mod p)
1 -> 0  sig1(alpha**r0 mod p, alpha**r1 mod p)

At this point 0 and 1 can calculate the shared secret alpha**(r0*r1), and can use it to encrypt later communications.

SEE ALSO

keyring-auth(2), keytext(6), login(6)

AUTH(6 ) Rev:  Thu Feb 15 14:43:48 GMT 2007