I did read some articles about the protocol but couldn't figure out what would happen. Would the two parties be unable to verify each other? Or would it be something else?
based on the international standard ISO/IEC 9798-2.
Asked
Active
Viewed 251 times
1 Answers
1
The three-pass authentication protocol defined in ISO/IEC 9798-2 at 5.2.2. and it is defined as follows;
- $\text{B}$ generated random $R_B$ and sends to $\text{A}$; $$\text{B}\xrightarrow{R_B\|\text{Text1}}\text{A}$$
- $\text{A}$ generated random $R_A$ and sends to $\text{B}$; $$\text{B} \xleftarrow{\text{TokenAB}\;=\;\text{Text3}\|eK_{AB}(R_A\|R_B\|B\|\text{Text2})} \text{A}$$
- $\text{B}$ generated random $R_A$ and sends to $\text{A}$;
$$\text{B}\xrightarrow{\text{TokenBA}\;=\; \text{Text5}\|eK_{AB}(R_B\|R_A\|\text{Text4})} \text{A}$$
$eK_{AB}$ is the encryption with the $K_{AB}$;
What would happen if the last message in a three-pass authentication protocol was undelivered?
Whoever started the protocol, $\text{A}$ connects to $\text{B}$ by $\text{tokenAB}$.
- If $\text{B}$ started then $\text{B}$ can send back the $\text{tokenBA}$ to $\text{A}$ for the agreement.
- If $\text{B}$ doesn't send back the $\text{tokenBA}$, $\text{A}$ cannot decide it was actually $\text{B}$ or not. Since, anyone can send an $R_B\|\text{Text1}$ to $\text{A}$.
Old answer if the question was the Three-pass protocol of Shamir
It not verification of each other it is just message exchange.
From Wikipedia;
In order for the encryption function and decryption function to be suitable for the three-pass protocol they must have the property that for any message $m$, any encryption key $e$ with corresponding decryption key $d$ and any independent encryption key $k$, $$D(d,E(k,E(e,m))) = E(k,m)$$
i.e.
$$D(d,E(k,E(e,m))) = D(d,E(e,E(k,m))) = E(k,m).$$
If the third, i.e. the last, is not delivered, the messaged won't be decrypted. He will have $E(k,E(e,m)))$ in his hand, but he cannot decrypt this because he doesn't know the key $d$ of the sender.
The receiver can use the Commutativity property to reach $E(e,E(k,m))$ but this won't help,too
kelalaka
- 49,797
- 12
- 123
- 211