2. ARCHITECTURE
• Client – Server System
Figure: a Server connected to Client A and Client B; labelled Mutual Authentication and Shared Key generation.
3. USER REGISTRATION AND CLIENT-SERVER AUTHENTICATION PROTOCOL
ASSUMPTIONS
• Server holds the public key of all the Clients along with its own public key, and a shared key is generated to be used with the respective clients.
• Server has a list of Registered Usernames and Passwords.
• Client is aware of the server’s registration connection port and IP.
• Client sends the user name and a challenge as arguments in its first contact with the server.
4. USER REGISTRATION AND CLIENT-SERVER AUTHENTICATION PROTOCOL
1. Sending timestamps along with user name and password.
2. Server replies with a ‘Hello’ along with a T2 encrypted with the public key of the client.
3. Key Establishment and Authentication happen in a Diffie Hellman Exchange.
4. Password hashes and the user list are forwarded from the server to the client along with message integrity and authentication.
Message flow, reconstructed from the diagram (A = client, S = server; {X}K is X encrypted under key K; [X] gas is X sent under the shared key with message integrity, as in step 4 above; A holds g, p, a, K_S and S holds s, g, p, K_A, where K_S and K_A are the public keys of S and A):
1. A -> S: (u_name, pwd) : T1
2. S -> A: Hello, {T2}A
3. A -> S: {g^a, T2+1}S, {N1}S
4. S -> A: {g^s (+) (N1+1)}A
5. {R1}gas
6. {R1+1}gas, {R2}gas
7. {R2 – 1}gas
(steps 5–7 are the challenge-response under the shared key g^as: one side sends R1, the other returns R1+1 together with its own challenge R2, and the first side answers R2 – 1)
8. S -> A: [Pwd, N] gas, [H(pwd)] gas
9. S -> A: [H(u_list)] gas, [u_list] gas
5. Specifications
• Size of R1 = 8 bytes.
• Restrict the user name and password to 8 bytes in length.
• Asymmetric Encryption is used for solving challenges.
• SHA-256 is used for message integrity.
6. MUTUAL AUTHENTICATION AND KEY ESTABLISHMENT PROTOCOL
Assumptions
• Server holds the public key of all the Clients along with its own public key and a shared key with each of its clients.
• Nonces are used, assuming each nonce is difficult for any outsider to replicate.
• Authentication and Key Establishment occurs between active clients only.
• Diffie Hellman Keys are dropped once a session is complete between any two clients.
7. MUTUAL AUTHENTICATION AND KEY ESTABLISHMENT PROTOCOL
Message flow, reconstructed from the diagram (A = client, S = server; {X}K is X encrypted under key K; A holds g, p, a, K_S and S holds s, g, p, K_A, where K_S and K_A are the public keys of S and A):
1. A -> S: u_name, T1
2. S -> A: Hello, {T2}A
3. A -> S: {g^a, T2+1}S, {N1}S
4. S -> A: {g^s (+) (N1+1)}A
5. {R1}gas
6. {R1+1}gas, {R2}gas
7. {R2 – 1}gas
(steps 5–7 are the challenge-response under the shared key g^as: one side sends R1, the other returns R1+1 together with its own challenge R2, and the first side answers R2 – 1)
8. Specifications
• Size of N1 = 8 bytes.
• Restrict the user name and password to 8 bytes in length.
• ‘a’ -> private key for the Diffie Hellman Exchange.
• ‘g’ -> generator (base) used to calculate the shared key g^as.
• ‘p’ -> large prime number used in the Diffie Hellman Exchange.
• Asymmetric Encryption is used for solving challenges.
• SHA-256 is used for message integrity.
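The Diffie Hellman key establishment and R1/R2 challenge-response shared by the diagrams in sections 4 and 7, as an added example that is not part of the original slides. It assumes: the public-key wrapping {.}A / {.}S is left out, the unnamed cipher behind {X}gas is modelled with an HMAC-SHA256 keystream, the toy group p = 2^64 - 59, g = 2 is an illustration value, and the client opens the challenge-response.

```python
import hashlib
import hmac

# Toy Diffie-Hellman group: p = 2**64 - 59 is prime and g = 2, chosen so that
# values fit the slides' 8-byte fields. Illustration values only; a real
# deployment needs a 2048-bit or larger group (not stated on the slides).
P = 2**64 - 59
G = 2
MASK64 = 2**64 - 1

def dh_public(priv: int) -> int:
    """g^a (client) or g^s (server) modulo p."""
    return pow(G, priv, P)

def session_key(peer_pub: int, priv: int) -> bytes:
    """The key written 'gas' in the diagram: SHA-256 of g^(as) mod p."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(8, "big")).digest()

def enc(key: bytes, label: bytes, data: bytes) -> bytes:
    """Stand-in for {X}gas (the slides do not name the cipher): XOR with an
    HMAC-SHA256 keystream, one label per message. Decryption is the same call."""
    stream = hmac.new(key, label, hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))

def to8(n: int) -> bytes:
    """Encode an 8-byte field (R1, R2, N1) with wrap-around on +1 / -1."""
    return (n & MASK64).to_bytes(8, "big")

def run_protocol(a: int, s: int, n1: int, r1: int, r2: int, mitm_pub: int = 0) -> dict:
    """Messages 3-7 of the diagram between client A and server S. mitm_pub, when
    non-zero, replaces the server's value on the wire with an attacker's bare g^m."""
    ga = dh_public(a)
    # Server sends g^s (+) (N1+1); only a party that decrypted {N1}S knows the mask.
    wire = dh_public(s) ^ (n1 + 1) if not mitm_pub else mitm_pub
    gs_seen = wire ^ (n1 + 1)            # client removes the nonce mask
    k_a = session_key(gs_seen, a)        # client's gas
    k_s = session_key(ga, s)             # server's gas
    # A -> S: {R1}gas (assumed direction: client challenges first)
    m5 = enc(k_a, b"R1", to8(r1))
    r1_at_s = int.from_bytes(enc(k_s, b"R1", m5), "big")
    # S -> A: {R1+1}gas, {R2}gas
    m6a, m6b = enc(k_s, b"R1+1", to8(r1_at_s + 1)), enc(k_s, b"R2", to8(r2))
    client_ok = enc(k_a, b"R1+1", m6a) == to8(r1 + 1)
    r2_at_a = int.from_bytes(enc(k_a, b"R2", m6b), "big")
    # A -> S: {R2 - 1}gas
    m7 = enc(k_a, b"R2-1", to8(r2_at_a - 1))
    server_ok = enc(k_s, b"R2-1", m7) == to8(r2 - 1)
    return {"keys_match": k_a == k_s, "client_ok": client_ok, "server_ok": server_ok}
```

Passing mitm_pub shows what the (+) (N1+1) binding buys: a value injected by someone who never saw N1 leaves the two sides with different keys, so both R1+1 and R2 – 1 checks fail.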