20:
793:
for Alice to forward to Bob and also a copy for Alice. Since Alice may be requesting keys for several different people, the nonce assures Alice that the message is fresh and that the server is replying to that particular message and the inclusion of Bob's name tells Alice who she is to share this key
1544:
1393:
725:
5246:
1283:
5159:
4049:
3922:
2981:
590:
2900:
2491:
867:
3778:
3600:
2638:
1041:
4294:
4160:
3180:
1751:
935:
2760:
2347:
1676:
1155:
1206:
1586:
969:
791:
759:
477:
304:
231:
3704:
3284:
3112:
2542:
2254:
2224:
2194:
2134:
2102:
2049:
2017:
1943:
1911:
1783:
1094:
4466:
4439:
4344:
3970:
3648:
3388:
3359:
3228:
3080:
3031:
2686:
1615:
399:
372:
1878:
1852:
1826:
110:
4204:
5271:
5251:
and the intruder cannot successfully replay the message because A is expecting a message containing the identity of I whereas the message will have identity of
5063:
5041:
5021:
4999:
4977:
4957:
4937:
4917:
4895:
4873:
4851:
4829:
4809:
4789:
4769:
4749:
4727:
4705:
4685:
4665:
4645:
4625:
4605:
4583:
4559:
4535:
4508:
4486:
4412:
4392:
4366:
4315:
4226:
4181:
4092:
4070:
3943:
3843:
3821:
3799:
3670:
3621:
3529:
3504:
3482:
3462:
3442:
3422:
3332:
3312:
3250:
3201:
3053:
3002:
2823:
2801:
2781:
2708:
2659:
2564:
2512:
2414:
2390:
2368:
2294:
2274:
2158:
2071:
1985:
1965:
521:
501:
443:
423:
344:
324:
271:
251:
197:
177:
154:
132:
1404:
601:
1294:
1045:
Alice performs a simple operation on the nonce, re-encrypts it and sends it back verifying that she is still alive and that she holds the key.
5582:
5170:
5089:
3979:
3852:
2911:
5587:
536:
2834:
2425:
1217:
801:
5577:
3715:
3537:
2575:
978:
4237:
4103:
3123:
878:
1397:
Alice sends a message to the server identifying herself and Bob, telling the server she wants to communicate with Bob.
871:
Alice forwards the key to Bob who can decrypt it with the key he shares with the server, thus authenticating the data.
594:
Alice sends a message to the server identifying herself and Bob, telling the server she wants to communicate with Bob.
5567:
2719:
2306:
5572:
1681:
5309:
5304:
5076:
1554:
The protocol then continues as described through the final three steps as described in the original protocol
5083:. The fix involves the modification of message six to include the responder's identity, that is we replace:
5471:
1622:
1101:
4959:
without knowing the content. A decrypts the message with her private key and respond with the nonce of
527:
19:
1179:
31:
is one of the two key transport protocols intended for use over an insecure network, both proposed by
1173:. It can also be fixed with the use of nonces as described below. At the beginning of the protocol:
5488:
5347:
5299:
3401:
5289:
1796:
67:
48:
5551:
5483:
5342:
942:
764:
732:
450:
277:
204:
3679:
3259:
3087:
2517:
2229:
2199:
2169:
2109:
2077:
2024:
1992:
1918:
1886:
1758:
1561:
1069:
4444:
4417:
4322:
3948:
3626:
3366:
3337:
3206:
3058:
3009:
2664:
1593:
377:
350:
8:
5284:
1857:
1831:
1805:
402:
89:
52:
4186:
5452:
5404:
5378:
5360:
5294:
5256:
5048:
5026:
5006:
4984:
4962:
4942:
4922:
4902:
4880:
4858:
4836:
4814:
4794:
4774:
4754:
4734:
4712:
4690:
4670:
4650:
4630:
4610:
4590:
4568:
4544:
4520:
4493:
4471:
4397:
4377:
4351:
4300:
4211:
4166:
4077:
4055:
3928:
3828:
3806:
3784:
3655:
3606:
3514:
3489:
3467:
3447:
3427:
3407:
3317:
3297:
3235:
3186:
3038:
2987:
2808:
2786:
2766:
2693:
2644:
2549:
2497:
2399:
2375:
2353:
2279:
2259:
2143:
2056:
1970:
1950:
1539:{\displaystyle S\rightarrow A:\{N_{A},K_{AB},B,\{K_{AB},A,N_{B}'\}_{K_{BS}}\}_{K_{AS}}}
1061:
506:
486:
428:
408:
329:
309:
256:
236:
182:
162:
139:
117:
5497:
5426:
2163:
1619:. The inclusion of this new nonce prevents the replaying of a compromised version of
1166:
74:
between two parties communicating on a network, but in its proposed form is insecure.
36:
5456:
5493:
5442:
5408:
5394:
5364:
5352:
5330:
5540:
1947:, respectively public and private halves of an encryption key-pair belonging to
720:{\displaystyle S\rightarrow A:\{N_{A},K_{AB},B,\{K_{AB},A\}_{K_{BS}}\}_{K_{AS}}}
5023:
decrypts the message using their private key and is now in possession of nonce
71:
5547:
4875:
responds with their own nonce and encrypts the message with the public key of
5561:
5531:
5522:
5422:
5079:. The paper also describes a fixed version of the scheme, referred to as the
1057:
84:
59:
between two parties on a network, typically to protect further communication.
32:
5067:. Therefore, they can now impersonate the bank and the client respectively.
1157:
to Bob, who will accept it, being unable to tell that the key is not fresh.
1388:{\displaystyle A\rightarrow S:\left.A,B,N_{A},\{A,N_{B}'\}_{K_{BS}}\right.}
5399:
5382:
5356:
480:
56:
5447:
5430:
5472:"An attack on the Needham–Schroeder public key authentication protocol"
1170:
5331:"Using encryption for authentication in large networks of computers"
4667:
to encrypt the messages she intends to send to her bank. Therefore,
1287:
Bob responds with a nonce encrypted under his key with the Server.
3444:
to initiate a session with them, they can relay the messages to
1064:
and Sacco). If an attacker uses an older, compromised value for
5529:
5520:
2568:'s identity, signed by the server for authentication purposes.
2749:
2736:
2336:
2323:
1382:
1311:
579:
553:
156:
is a server trusted by both parties. In the communication:
4831:
has no way to know that this message was actually sent by
4751:
decrypts the message using their private key and contacts
5241:{\displaystyle B\rightarrow A:\{N_{A},N_{B},B\}_{K_{PA}}}
5154:{\displaystyle B\rightarrow A:\{N_{A},N_{B}\}_{K_{PA}}}
4044:{\displaystyle I\rightarrow A:\{N_{A},N_{B}\}_{K_{PA}}}
3917:{\displaystyle B\rightarrow I:\{N_{A},N_{B}\}_{K_{PA}}}
2976:{\displaystyle B\rightarrow A:\{N_{A},N_{B}\}_{K_{PA}}}
1753:
which the attacker can't forge since she does not have
5070:
1880:
to distribute public keys on request. These keys are:
5541:"Lowe's fixed version of Needham-Schroder Public Key"
5259:
5173:
5092:
5051:
5029:
5009:
4987:
4965:
4945:
4925:
4905:
4883:
4861:
4839:
4817:
4797:
4777:
4757:
4737:
4715:
4693:
4673:
4653:
4633:
4613:
4593:
4571:
4547:
4523:
4515:
The following example illustrates the attack. Alice (
4496:
4474:
4447:
4420:
4400:
4380:
4354:
4325:
4303:
4240:
4214:
4189:
4169:
4106:
4080:
4058:
3982:
3951:
3931:
3855:
3831:
3809:
3787:
3718:
3682:
3658:
3629:
3609:
3540:
3517:
3492:
3470:
3450:
3430:
3410:
3369:
3340:
3320:
3300:
3262:
3238:
3209:
3189:
3126:
3090:
3061:
3041:
3012:
2990:
2914:
2837:
2811:
2789:
2769:
2722:
2696:
2667:
2647:
2578:
2552:
2520:
2500:
2428:
2402:
2378:
2356:
2309:
2282:
2262:
2232:
2202:
2172:
2146:
2112:
2080:
2059:
2027:
1995:
1973:
1953:
1921:
1889:
1860:
1834:
1808:
1761:
1684:
1625:
1596:
1564:
1407:
1297:
1220:
1182:
1104:
1072:
981:
945:
881:
804:
767:
735:
604:
585:{\displaystyle A\rightarrow S:\left.A,B,N_{A}\right.}
539:
509:
489:
453:
431:
411:
380:
353:
332:
312:
280:
259:
239:
207:
185:
165:
142:
120:
92:
5329:
Needham, Roger; Schroeder, Michael (December 1978).
2895:{\displaystyle S\rightarrow B:\{K_{PA},A\}_{K_{SS}}}
2486:{\displaystyle S\rightarrow A:\{K_{PB},B\}_{K_{SS}}}
1278:{\displaystyle B\rightarrow A:\{A,N_{B}'\}_{K_{BS}}}
862:{\displaystyle A\rightarrow B:\{K_{AB},A\}_{K_{BS}}}
3773:{\displaystyle I\rightarrow B:\{N_{A},A\}_{K_{PB}}}
3595:{\displaystyle A\rightarrow I:\{N_{A},A\}_{K_{PI}}}
2633:{\displaystyle A\rightarrow B:\{N_{A},A\}_{K_{PB}}}
1036:{\displaystyle A\rightarrow B:\{N_{B}-1\}_{K_{AB}}}
5265:
5240:
5153:
5075:The attack was first described in a 1995 paper by
5057:
5035:
5015:
4993:
4971:
4951:
4931:
4911:
4889:
4867:
4845:
4823:
4803:
4783:
4763:
4743:
4721:
4699:
4679:
4659:
4639:
4619:
4599:
4577:
4553:
4529:
4502:
4480:
4460:
4433:
4406:
4386:
4360:
4338:
4309:
4288:
4220:
4198:
4175:
4154:
4086:
4064:
4043:
3964:
3937:
3916:
3837:
3815:
3793:
3772:
3698:
3664:
3642:
3615:
3594:
3531:, which is unchanged, the attack runs as follows:
3523:
3498:
3476:
3456:
3436:
3416:
3382:
3353:
3326:
3306:
3278:
3244:
3222:
3195:
3174:
3106:
3074:
3047:
3025:
2996:
2975:
2894:
2817:
2795:
2775:
2754:
2702:
2680:
2653:
2632:
2558:
2536:
2506:
2485:
2408:
2384:
2362:
2341:
2288:
2268:
2248:
2218:
2188:
2152:
2128:
2096:
2065:
2043:
2011:
1979:
1959:
1937:
1905:
1872:
1846:
1820:
1777:
1745:
1678:since such a message would need to be of the form
1670:
1609:
1580:
1538:
1387:
1277:
1200:
1149:
1088:
1035:
963:
929:
861:
785:
753:
719:
584:
515:
495:
471:
437:
417:
393:
366:
338:
318:
298:
265:
245:
225:
191:
171:
148:
126:
104:
4289:{\displaystyle I\rightarrow B:\{N_{B}\}_{K_{PB}}}
4155:{\displaystyle A\rightarrow I:\{N_{B}\}_{K_{PI}}}
3175:{\displaystyle A\rightarrow B:\{N_{B}\}_{K_{PB}}}
930:{\displaystyle B\rightarrow A:\{N_{B}\}_{K_{AB}}}
479:is a symmetric, generated key, which will be the
5559:
5421:
5328:
5322:
3392:. These nonces are not known to eavesdroppers.
2755:{\displaystyle B\rightarrow S:\left.B,A\right.}
2342:{\displaystyle A\rightarrow S:\left.A,B\right.}
761:and sends back to Alice a copy encrypted under
70:. This protocol is intended to provide mutual
5543:. Laboratoire Spécification et Vérification.
5534:. Laboratoire Spécification et Vérification.
5525:. Laboratoire Spécification et Vérification.
5377:
5219:
5186:
5132:
5105:
4267:
4253:
4133:
4119:
4022:
3995:
3895:
3868:
3751:
3731:
3573:
3553:
3395:
3334:know each other's identities, and know both
3153:
3139:
2954:
2927:
2873:
2850:
2611:
2591:
2464:
2441:
2162:. (Note that this key-pair will be used for
1746:{\displaystyle \{K_{AB},A,N_{B}'\}_{K_{BS}}}
1724:
1685:
1649:
1626:
1517:
1497:
1458:
1420:
1362:
1339:
1256:
1233:
1128:
1105:
1014:
994:
908:
894:
840:
817:
698:
678:
655:
617:
526:The protocol can be specified as follows in
199:are identities of Alice and Bob respectively
55:protocol. This protocol aims to establish a
4919:is not in possession of the private key of
4707:her nonce encrypted with the public key of
1555:
23:Symmetric Needham–Schroeder protocol scheme
5538:
5383:"Timestamps in key distribution protocols"
4607:that they are the bank. As a consequence,
1051:
5530:Roger Needham; Michael Schroeder (1978).
5521:Roger Needham; Michael Schroeder (1978).
5487:
5446:
5398:
5346:
939:Bob sends Alice a nonce encrypted under
45:Needham–Schroeder Symmetric Key Protocol
18:
5548:Explanation of man-in-the-middle attack
5560:
1790:
2783:now knows A wants to communicate, so
1671:{\displaystyle \{K_{AB},A\}_{K_{BS}}}
1150:{\displaystyle \{K_{AB},A\}_{K_{BS}}}
78:
64:Needham–Schroeder Public-Key Protocol
5469:
4414:is communicating with him, and that
1160:
5463:
5435:ACM SIGOPS Operating Systems Review
5071:Fixing the man-in-the-middle attack
4647:instead of using the public key of
3254:, to prove ability to decrypt with
112:initiates the communication to Bob
13:
4939:they have to relay the message to
4539:) would like to contact her bank (
14:
5599:
5583:Computer access control protocols
5532:"Needham Schroeder Symmetric Key"
5514:
4979:encrypted with the public key of
4791:encrypted with the public key of
3511:Ignoring the traffic to and from
3400:This protocol is vulnerable to a
3082:to prove ability to decrypt with
1098:, he can then replay the message
306:is a symmetric key known only to
233:is a symmetric key known only to
5381:; Sacco, Giovanni Maria (1981).
3674:, who decrypts the message with
1548:Note the inclusion of the nonce.
1201:{\displaystyle A\rightarrow B:A}
1056:The protocol is vulnerable to a
5081:Needham–Schroeder–Lowe protocol
4563:). We assume that an impostor (
2196:used for signing a message and
1797:public-key encryption algorithm
5523:"Needham-Schroeder Public Key"
5476:Information Processing Letters
5415:
5371:
5177:
5096:
4244:
4110:
3986:
3859:
3722:
3544:
3484:that he is communicating with
3130:
2918:
2841:
2726:
2582:
2432:
2313:
2300:The protocol runs as follows:
1867:
1861:
1841:
1835:
1815:
1809:
1411:
1301:
1224:
1186:
985:
885:
808:
608:
543:
99:
93:
49:symmetric encryption algorithm
1:
5470:Lowe, Gavin (November 1995).
5315:
1987:stands for "secret key" here)
1210:Alice sends to Bob a request.
51:. It forms the basis for the
5498:10.1016/0020-0190(95)00144-2
3294:At the end of the protocol,
2296:before the protocol starts.)
971:to show that he has the key.
7:
5588:Telecommunication protocols
5310:Diffie–Hellman key exchange
5305:Neuman–Stubblebine protocol
5278:
10:
5604:
5578:Symmetric-key cryptography
5431:"Authentication revisited"
4374:At the end of the attack,
1795:This assumes the use of a
1588:is a different nonce from
1165:This flaw is fixed in the
528:security protocol notation
29:Needham–Schroeder protocol
5387:Communications of the ACM
5335:Communications of the ACM
4587:) successfully convinces
3396:An attack on the protocol
2514:responds with public key
5568:Authentication protocols
5300:Wide Mouth Frog protocol
5164:with the fixed version:
4771:sending it the nonce of
4368:that she's decrypted it.
3402:man-in-the-middle attack
2226:used for verification.
964:{\displaystyle {K_{AB}}}
786:{\displaystyle {K_{BS}}}
754:{\displaystyle {K_{AB}}}
472:{\displaystyle {K_{AB}}}
299:{\displaystyle {K_{BS}}}
226:{\displaystyle {K_{AS}}}
5573:Key transport protocols
4627:uses the public key of
2138:, similar belonging to
2053:, similar belonging to
1052:Attacks on the protocol
483:of the session between
68:public-key cryptography
5267:
5242:
5155:
5059:
5037:
5017:
4995:
4973:
4953:
4933:
4913:
4891:
4869:
4847:
4825:
4805:
4785:
4765:
4745:
4723:
4701:
4681:
4661:
4641:
4621:
4601:
4579:
4555:
4531:
4504:
4482:
4462:
4435:
4408:
4394:falsely believes that
4388:
4362:
4340:
4311:
4290:
4222:
4200:
4177:
4156:
4088:
4066:
4045:
3966:
3939:
3918:
3839:
3817:
3801:relays the message to
3795:
3774:
3700:
3699:{\displaystyle K_{SI}}
3666:
3644:
3617:
3596:
3525:
3500:
3478:
3458:
3438:
3418:
3384:
3355:
3328:
3308:
3280:
3279:{\displaystyle K_{SA}}
3246:
3224:
3197:
3176:
3108:
3107:{\displaystyle K_{SB}}
3076:
3049:
3027:
2998:
2977:
2896:
2819:
2797:
2777:
2756:
2704:
2682:
2655:
2634:
2560:
2538:
2537:{\displaystyle K_{PB}}
2508:
2487:
2410:
2386:
2364:
2343:
2290:
2270:
2250:
2249:{\displaystyle K_{PS}}
2220:
2219:{\displaystyle K_{PS}}
2190:
2189:{\displaystyle K_{SS}}
2154:
2130:
2129:{\displaystyle K_{SS}}
2098:
2097:{\displaystyle K_{PS}}
2067:
2045:
2044:{\displaystyle K_{SB}}
2013:
2012:{\displaystyle K_{PB}}
1981:
1961:
1939:
1938:{\displaystyle K_{SA}}
1907:
1906:{\displaystyle K_{PA}}
1874:
1848:
1822:
1779:
1778:{\displaystyle K_{BS}}
1747:
1672:
1611:
1582:
1581:{\displaystyle N_{B}'}
1540:
1389:
1279:
1202:
1169:by the inclusion of a
1151:
1090:
1089:{\displaystyle K_{AB}}
1037:
965:
931:
863:
787:
755:
721:
586:
517:
497:
473:
439:
419:
395:
368:
340:
320:
300:
267:
247:
227:
193:
173:
150:
128:
106:
24:
16:Key transport protocol
5400:10.1145/358722.358740
5357:10.1145/359657.359659
5268:
5243:
5156:
5060:
5038:
5018:
4996:
4974:
4954:
4934:
4914:
4892:
4870:
4848:
4826:
4806:
4786:
4766:
4746:
4724:
4702:
4682:
4662:
4642:
4622:
4602:
4580:
4556:
4532:
4505:
4483:
4463:
4461:{\displaystyle N_{B}}
4436:
4434:{\displaystyle N_{A}}
4409:
4389:
4363:
4341:
4339:{\displaystyle N_{B}}
4312:
4291:
4223:
4201:
4178:
4157:
4089:
4067:
4046:
3967:
3965:{\displaystyle N_{B}}
3940:
3919:
3840:
3818:
3796:
3775:
3701:
3667:
3645:
3643:{\displaystyle N_{A}}
3618:
3597:
3526:
3501:
3479:
3459:
3439:
3419:
3385:
3383:{\displaystyle N_{B}}
3356:
3354:{\displaystyle N_{A}}
3329:
3309:
3281:
3247:
3225:
3223:{\displaystyle N_{B}}
3198:
3177:
3109:
3077:
3075:{\displaystyle N_{A}}
3050:
3028:
3026:{\displaystyle N_{B}}
2999:
2978:
2897:
2820:
2798:
2778:
2757:
2705:
2683:
2681:{\displaystyle N_{A}}
2656:
2635:
2561:
2539:
2509:
2488:
2411:
2387:
2365:
2344:
2291:
2271:
2251:
2221:
2191:
2155:
2131:
2099:
2068:
2046:
2014:
1982:
1962:
1940:
1908:
1875:
1854:use a trusted server
1849:
1823:
1780:
1748:
1673:
1612:
1610:{\displaystyle N_{B}}
1583:
1541:
1390:
1280:
1203:
1152:
1091:
1038:
966:
932:
864:
788:
756:
729:The server generates
722:
587:
518:
498:
474:
440:
420:
396:
394:{\displaystyle N_{B}}
369:
367:{\displaystyle N_{A}}
341:
321:
301:
268:
248:
228:
194:
174:
151:
129:
107:
22:
5257:
5171:
5090:
5049:
5027:
5007:
4985:
4963:
4943:
4923:
4903:
4881:
4859:
4837:
4815:
4795:
4775:
4755:
4735:
4713:
4691:
4671:
4651:
4631:
4611:
4591:
4569:
4545:
4521:
4494:
4472:
4445:
4418:
4398:
4378:
4352:
4323:
4301:
4238:
4212:
4187:
4167:
4104:
4078:
4056:
3980:
3949:
3929:
3853:
3829:
3807:
3785:
3716:
3680:
3656:
3627:
3607:
3538:
3515:
3490:
3468:
3448:
3428:
3408:
3367:
3338:
3318:
3298:
3260:
3236:
3207:
3187:
3124:
3088:
3059:
3039:
3010:
2988:
2912:
2835:
2809:
2787:
2767:
2720:
2694:
2665:
2645:
2576:
2550:
2518:
2498:
2426:
2400:
2394:'s public keys from
2376:
2354:
2307:
2280:
2260:
2230:
2200:
2170:
2144:
2110:
2078:
2057:
2025:
1993:
1971:
1951:
1919:
1887:
1858:
1832:
1806:
1759:
1682:
1623:
1594:
1562:
1405:
1295:
1218:
1180:
1102:
1070:
979:
943:
879:
802:
765:
733:
602:
537:
507:
487:
451:
429:
409:
378:
351:
330:
310:
278:
257:
237:
205:
183:
163:
140:
118:
90:
5539:Gavin Lowe (1995).
5448:10.1145/24592.24593
5379:Denning, Dorothy E.
5290:Otway–Rees protocol
4206:and confirms it to
1873:{\displaystyle (S)}
1847:{\displaystyle (B)}
1821:{\displaystyle (A)}
1791:Public-key protocol
1722:
1577:
1495:
1360:
1254:
105:{\displaystyle (A)}
5263:
5238:
5151:
5055:
5033:
5013:
4991:
4969:
4949:
4929:
4909:
4887:
4865:
4843:
4821:
4801:
4781:
4761:
4741:
4719:
4697:
4677:
4657:
4637:
4617:
4597:
4575:
4551:
4527:
4500:
4478:
4468:are known only to
4458:
4431:
4404:
4384:
4358:
4336:
4307:
4286:
4218:
4199:{\displaystyle NB}
4196:
4173:
4152:
4084:
4062:
4041:
3962:
3935:
3914:
3835:
3825:, pretending that
3813:
3791:
3770:
3696:
3662:
3640:
3613:
3592:
3521:
3496:
3474:
3454:
3434:
3414:
3380:
3351:
3324:
3304:
3276:
3242:
3220:
3193:
3172:
3104:
3072:
3045:
3035:, and sends it to
3023:
2994:
2973:
2892:
2815:
2793:
2773:
2752:
2700:
2678:
2651:
2630:
2556:
2534:
2504:
2483:
2406:
2382:
2360:
2339:
2286:
2266:
2246:
2216:
2186:
2164:digital signatures
2150:
2126:
2094:
2063:
2041:
2009:
1977:
1957:
1935:
1903:
1870:
1844:
1818:
1775:
1743:
1710:
1668:
1607:
1578:
1565:
1536:
1483:
1385:
1348:
1275:
1242:
1198:
1147:
1086:
1060:(as identified by
1033:
961:
927:
859:
783:
751:
717:
582:
513:
493:
469:
435:
415:
391:
364:
336:
316:
296:
263:
243:
223:
189:
169:
146:
124:
102:
79:Symmetric protocol
25:
5266:{\displaystyle B}
5058:{\displaystyle B}
5036:{\displaystyle A}
5016:{\displaystyle I}
4994:{\displaystyle I}
4972:{\displaystyle B}
4952:{\displaystyle A}
4932:{\displaystyle A}
4912:{\displaystyle I}
4890:{\displaystyle A}
4868:{\displaystyle B}
4846:{\displaystyle I}
4824:{\displaystyle B}
4804:{\displaystyle B}
4784:{\displaystyle A}
4764:{\displaystyle B}
4744:{\displaystyle I}
4722:{\displaystyle I}
4700:{\displaystyle I}
4680:{\displaystyle A}
4660:{\displaystyle B}
4640:{\displaystyle I}
4620:{\displaystyle A}
4600:{\displaystyle A}
4578:{\displaystyle I}
4554:{\displaystyle B}
4530:{\displaystyle A}
4503:{\displaystyle B}
4481:{\displaystyle A}
4407:{\displaystyle A}
4387:{\displaystyle B}
4361:{\displaystyle B}
4310:{\displaystyle I}
4221:{\displaystyle I}
4176:{\displaystyle A}
4087:{\displaystyle A}
4065:{\displaystyle I}
3938:{\displaystyle B}
3845:is communicating.
3838:{\displaystyle A}
3816:{\displaystyle B}
3794:{\displaystyle I}
3665:{\displaystyle I}
3616:{\displaystyle A}
3524:{\displaystyle S}
3499:{\displaystyle A}
3477:{\displaystyle B}
3457:{\displaystyle B}
3437:{\displaystyle A}
3417:{\displaystyle I}
3404:. If an impostor
3327:{\displaystyle B}
3307:{\displaystyle A}
3245:{\displaystyle B}
3196:{\displaystyle A}
3048:{\displaystyle A}
3004:chooses a random
2997:{\displaystyle B}
2818:{\displaystyle A}
2796:{\displaystyle B}
2776:{\displaystyle B}
2703:{\displaystyle B}
2661:chooses a random
2654:{\displaystyle A}
2559:{\displaystyle B}
2507:{\displaystyle S}
2409:{\displaystyle S}
2385:{\displaystyle B}
2363:{\displaystyle A}
2289:{\displaystyle B}
2269:{\displaystyle A}
2256:must be known to
2153:{\displaystyle S}
2066:{\displaystyle B}
1980:{\displaystyle S}
1960:{\displaystyle A}
1167:Kerberos protocol
1161:Fixing the attack
516:{\displaystyle B}
496:{\displaystyle A}
438:{\displaystyle B}
418:{\displaystyle A}
339:{\displaystyle S}
319:{\displaystyle B}
266:{\displaystyle S}
246:{\displaystyle A}
192:{\displaystyle B}
172:{\displaystyle A}
149:{\displaystyle S}
127:{\displaystyle B}
37:Michael Schroeder
5595:
5544:
5535:
5526:
5508:
5507:
5505:
5504:
5491:
5467:
5461:
5460:
5450:
5427:Schroeder, M. D.
5419:
5413:
5412:
5402:
5375:
5369:
5368:
5350:
5326:
5274:
5272:
5270:
5269:
5264:
5247:
5245:
5244:
5239:
5237:
5236:
5235:
5234:
5211:
5210:
5198:
5197:
5160:
5158:
5157:
5152:
5150:
5149:
5148:
5147:
5130:
5129:
5117:
5116:
5066:
5064:
5062:
5061:
5056:
5042:
5040:
5039:
5034:
5022:
5020:
5019:
5014:
5002:
5000:
4998:
4997:
4992:
4978:
4976:
4975:
4970:
4958:
4956:
4955:
4950:
4938:
4936:
4935:
4930:
4918:
4916:
4915:
4910:
4898:
4896:
4894:
4893:
4888:
4874:
4872:
4871:
4866:
4854:
4852:
4850:
4849:
4844:
4830:
4828:
4827:
4822:
4810:
4808:
4807:
4802:
4790:
4788:
4787:
4782:
4770:
4768:
4767:
4762:
4750:
4748:
4747:
4742:
4730:
4728:
4726:
4725:
4720:
4706:
4704:
4703:
4698:
4686:
4684:
4683:
4678:
4666:
4664:
4663:
4658:
4646:
4644:
4643:
4638:
4626:
4624:
4623:
4618:
4606:
4604:
4603:
4598:
4586:
4584:
4582:
4581:
4576:
4562:
4560:
4558:
4557:
4552:
4538:
4536:
4534:
4533:
4528:
4511:
4509:
4507:
4506:
4501:
4487:
4485:
4484:
4479:
4467:
4465:
4464:
4459:
4457:
4456:
4440:
4438:
4437:
4432:
4430:
4429:
4413:
4411:
4410:
4405:
4393:
4391:
4390:
4385:
4367:
4365:
4364:
4359:
4348:, and convinces
4347:
4345:
4343:
4342:
4337:
4335:
4334:
4316:
4314:
4313:
4308:
4295:
4293:
4292:
4287:
4285:
4284:
4283:
4282:
4265:
4264:
4230:, who learns it.
4229:
4227:
4225:
4224:
4219:
4205:
4203:
4202:
4197:
4182:
4180:
4179:
4174:
4161:
4159:
4158:
4153:
4151:
4150:
4149:
4148:
4131:
4130:
4095:
4093:
4091:
4090:
4085:
4071:
4069:
4068:
4063:
4050:
4048:
4047:
4042:
4040:
4039:
4038:
4037:
4020:
4019:
4007:
4006:
3971:
3969:
3968:
3963:
3961:
3960:
3944:
3942:
3941:
3936:
3923:
3921:
3920:
3915:
3913:
3912:
3911:
3910:
3893:
3892:
3880:
3879:
3844:
3842:
3841:
3836:
3824:
3822:
3820:
3819:
3814:
3800:
3798:
3797:
3792:
3779:
3777:
3776:
3771:
3769:
3768:
3767:
3766:
3743:
3742:
3707:
3705:
3703:
3702:
3697:
3695:
3694:
3673:
3671:
3669:
3668:
3663:
3649:
3647:
3646:
3641:
3639:
3638:
3622:
3620:
3619:
3614:
3601:
3599:
3598:
3593:
3591:
3590:
3589:
3588:
3565:
3564:
3530:
3528:
3527:
3522:
3507:
3505:
3503:
3502:
3497:
3483:
3481:
3480:
3475:
3463:
3461:
3460:
3455:
3443:
3441:
3440:
3435:
3423:
3421:
3420:
3415:
3391:
3389:
3387:
3386:
3381:
3379:
3378:
3360:
3358:
3357:
3352:
3350:
3349:
3333:
3331:
3330:
3325:
3313:
3311:
3310:
3305:
3287:
3285:
3283:
3282:
3277:
3275:
3274:
3253:
3251:
3249:
3248:
3243:
3229:
3227:
3226:
3221:
3219:
3218:
3202:
3200:
3199:
3194:
3181:
3179:
3178:
3173:
3171:
3170:
3169:
3168:
3151:
3150:
3115:
3113:
3111:
3110:
3105:
3103:
3102:
3081:
3079:
3078:
3073:
3071:
3070:
3054:
3052:
3051:
3046:
3034:
3032:
3030:
3029:
3024:
3022:
3021:
3003:
3001:
3000:
2995:
2982:
2980:
2979:
2974:
2972:
2971:
2970:
2969:
2952:
2951:
2939:
2938:
2904:Server responds.
2901:
2899:
2898:
2893:
2891:
2890:
2889:
2888:
2865:
2864:
2826:
2824:
2822:
2821:
2816:
2802:
2800:
2799:
2794:
2782:
2780:
2779:
2774:
2761:
2759:
2758:
2753:
2751:
2748:
2711:
2709:
2707:
2706:
2701:
2688:and sends it to
2687:
2685:
2684:
2679:
2677:
2676:
2660:
2658:
2657:
2652:
2639:
2637:
2636:
2631:
2629:
2628:
2627:
2626:
2603:
2602:
2567:
2565:
2563:
2562:
2557:
2543:
2541:
2540:
2535:
2533:
2532:
2513:
2511:
2510:
2505:
2492:
2490:
2489:
2484:
2482:
2481:
2480:
2479:
2456:
2455:
2417:
2415:
2413:
2412:
2407:
2393:
2391:
2389:
2388:
2383:
2369:
2367:
2366:
2361:
2348:
2346:
2345:
2340:
2338:
2335:
2295:
2293:
2292:
2287:
2275:
2273:
2272:
2267:
2255:
2253:
2252:
2247:
2245:
2244:
2225:
2223:
2222:
2217:
2215:
2214:
2195:
2193:
2192:
2187:
2185:
2184:
2161:
2159:
2157:
2156:
2151:
2137:
2135:
2133:
2132:
2127:
2125:
2124:
2103:
2101:
2100:
2095:
2093:
2092:
2072:
2070:
2069:
2064:
2052:
2050:
2048:
2047:
2042:
2040:
2039:
2018:
2016:
2015:
2010:
2008:
2007:
1986:
1984:
1983:
1978:
1966:
1964:
1963:
1958:
1946:
1944:
1942:
1941:
1936:
1934:
1933:
1912:
1910:
1909:
1904:
1902:
1901:
1879:
1877:
1876:
1871:
1853:
1851:
1850:
1845:
1827:
1825:
1824:
1819:
1786:
1784:
1782:
1781:
1776:
1774:
1773:
1752:
1750:
1749:
1744:
1742:
1741:
1740:
1739:
1718:
1700:
1699:
1677:
1675:
1674:
1669:
1667:
1666:
1665:
1664:
1641:
1640:
1618:
1616:
1614:
1613:
1608:
1606:
1605:
1587:
1585:
1584:
1579:
1573:
1545:
1543:
1542:
1537:
1535:
1534:
1533:
1532:
1515:
1514:
1513:
1512:
1491:
1473:
1472:
1448:
1447:
1432:
1431:
1394:
1392:
1391:
1386:
1384:
1381:
1380:
1379:
1378:
1377:
1356:
1335:
1334:
1284:
1282:
1281:
1276:
1274:
1273:
1272:
1271:
1250:
1207:
1205:
1204:
1199:
1156:
1154:
1153:
1148:
1146:
1145:
1144:
1143:
1120:
1119:
1097:
1095:
1093:
1092:
1087:
1085:
1084:
1042:
1040:
1039:
1034:
1032:
1031:
1030:
1029:
1006:
1005:
970:
968:
967:
962:
960:
959:
958:
936:
934:
933:
928:
926:
925:
924:
923:
906:
905:
868:
866:
865:
860:
858:
857:
856:
855:
832:
831:
792:
790:
789:
784:
782:
781:
780:
760:
758:
757:
752:
750:
749:
748:
726:
724:
723:
718:
716:
715:
714:
713:
696:
695:
694:
693:
670:
669:
645:
644:
629:
628:
591:
589:
588:
583:
581:
578:
577:
576:
522:
520:
519:
514:
502:
500:
499:
494:
478:
476:
475:
470:
468:
467:
466:
444:
442:
441:
436:
424:
422:
421:
416:
400:
398:
397:
392:
390:
389:
373:
371:
370:
365:
363:
362:
345:
343:
342:
337:
325:
323:
322:
317:
305:
303:
302:
297:
295:
294:
293:
272:
270:
269:
264:
252:
250:
249:
244:
232:
230:
229:
224:
222:
221:
220:
198:
196:
195:
190:
178:
176:
175:
170:
155:
153:
152:
147:
135:
133:
131:
130:
125:
111:
109:
108:
103:
5603:
5602:
5598:
5597:
5596:
5594:
5593:
5592:
5558:
5557:
5517:
5512:
5511:
5502:
5500:
5489:10.1.1.394.6094
5468:
5464:
5420:
5416:
5376:
5372:
5348:10.1.1.357.4298
5341:(12): 993–999.
5327:
5323:
5318:
5281:
5258:
5255:
5254:
5252:
5227:
5223:
5222:
5218:
5206:
5202:
5193:
5189:
5172:
5169:
5168:
5140:
5136:
5135:
5131:
5125:
5121:
5112:
5108:
5091:
5088:
5087:
5073:
5050:
5047:
5046:
5044:
5028:
5025:
5024:
5008:
5005:
5004:
4986:
4983:
4982:
4980:
4964:
4961:
4960:
4944:
4941:
4940:
4924:
4921:
4920:
4904:
4901:
4900:
4882:
4879:
4878:
4876:
4860:
4857:
4856:
4838:
4835:
4834:
4832:
4816:
4813:
4812:
4796:
4793:
4792:
4776:
4773:
4772:
4756:
4753:
4752:
4736:
4733:
4732:
4714:
4711:
4710:
4708:
4692:
4689:
4688:
4672:
4669:
4668:
4652:
4649:
4648:
4632:
4629:
4628:
4612:
4609:
4608:
4592:
4589:
4588:
4570:
4567:
4566:
4564:
4546:
4543:
4542:
4540:
4522:
4519:
4518:
4516:
4495:
4492:
4491:
4489:
4473:
4470:
4469:
4452:
4448:
4446:
4443:
4442:
4425:
4421:
4419:
4416:
4415:
4399:
4396:
4395:
4379:
4376:
4375:
4353:
4350:
4349:
4330:
4326:
4324:
4321:
4320:
4318:
4302:
4299:
4298:
4275:
4271:
4270:
4266:
4260:
4256:
4239:
4236:
4235:
4213:
4210:
4209:
4207:
4188:
4185:
4184:
4168:
4165:
4164:
4141:
4137:
4136:
4132:
4126:
4122:
4105:
4102:
4101:
4079:
4076:
4075:
4073:
4057:
4054:
4053:
4030:
4026:
4025:
4021:
4015:
4011:
4002:
3998:
3981:
3978:
3977:
3956:
3952:
3950:
3947:
3946:
3930:
3927:
3926:
3903:
3899:
3898:
3894:
3888:
3884:
3875:
3871:
3854:
3851:
3850:
3830:
3827:
3826:
3808:
3805:
3804:
3802:
3786:
3783:
3782:
3759:
3755:
3754:
3750:
3738:
3734:
3717:
3714:
3713:
3687:
3683:
3681:
3678:
3677:
3675:
3657:
3654:
3653:
3651:
3634:
3630:
3628:
3625:
3624:
3608:
3605:
3604:
3581:
3577:
3576:
3572:
3560:
3556:
3539:
3536:
3535:
3516:
3513:
3512:
3491:
3488:
3487:
3485:
3469:
3466:
3465:
3449:
3446:
3445:
3429:
3426:
3425:
3409:
3406:
3405:
3398:
3374:
3370:
3368:
3365:
3364:
3362:
3345:
3341:
3339:
3336:
3335:
3319:
3316:
3315:
3299:
3296:
3295:
3267:
3263:
3261:
3258:
3257:
3255:
3237:
3234:
3233:
3231:
3214:
3210:
3208:
3205:
3204:
3188:
3185:
3184:
3161:
3157:
3156:
3152:
3146:
3142:
3125:
3122:
3121:
3095:
3091:
3089:
3086:
3085:
3083:
3066:
3062:
3060:
3057:
3056:
3040:
3037:
3036:
3017:
3013:
3011:
3008:
3007:
3005:
2989:
2986:
2985:
2962:
2958:
2957:
2953:
2947:
2943:
2934:
2930:
2913:
2910:
2909:
2881:
2877:
2876:
2872:
2857:
2853:
2836:
2833:
2832:
2827:'s public keys.
2810:
2807:
2806:
2804:
2788:
2785:
2784:
2768:
2765:
2764:
2738:
2735:
2721:
2718:
2717:
2695:
2692:
2691:
2689:
2672:
2668:
2666:
2663:
2662:
2646:
2643:
2642:
2619:
2615:
2614:
2610:
2598:
2594:
2577:
2574:
2573:
2551:
2548:
2547:
2545:
2525:
2521:
2519:
2516:
2515:
2499:
2496:
2495:
2472:
2468:
2467:
2463:
2448:
2444:
2427:
2424:
2423:
2401:
2398:
2397:
2395:
2377:
2374:
2373:
2371:
2355:
2352:
2351:
2325:
2322:
2308:
2305:
2304:
2281:
2278:
2277:
2261:
2258:
2257:
2237:
2233:
2231:
2228:
2227:
2207:
2203:
2201:
2198:
2197:
2177:
2173:
2171:
2168:
2167:
2145:
2142:
2141:
2139:
2117:
2113:
2111:
2108:
2107:
2105:
2085:
2081:
2079:
2076:
2075:
2058:
2055:
2054:
2032:
2028:
2026:
2023:
2022:
2020:
2000:
1996:
1994:
1991:
1990:
1972:
1969:
1968:
1952:
1949:
1948:
1926:
1922:
1920:
1917:
1916:
1914:
1894:
1890:
1888:
1885:
1884:
1859:
1856:
1855:
1833:
1830:
1829:
1807:
1804:
1803:
1793:
1766:
1762:
1760:
1757:
1756:
1754:
1732:
1728:
1727:
1723:
1714:
1692:
1688:
1683:
1680:
1679:
1657:
1653:
1652:
1648:
1633:
1629:
1624:
1621:
1620:
1601:
1597:
1595:
1592:
1591:
1589:
1569:
1563:
1560:
1559:
1525:
1521:
1520:
1516:
1505:
1501:
1500:
1496:
1487:
1465:
1461:
1440:
1436:
1427:
1423:
1406:
1403:
1402:
1370:
1366:
1365:
1361:
1352:
1330:
1326:
1313:
1310:
1296:
1293:
1292:
1264:
1260:
1259:
1255:
1246:
1219:
1216:
1215:
1181:
1178:
1177:
1163:
1136:
1132:
1131:
1127:
1112:
1108:
1103:
1100:
1099:
1077:
1073:
1071:
1068:
1067:
1065:
1054:
1022:
1018:
1017:
1013:
1001:
997:
980:
977:
976:
951:
947:
946:
944:
941:
940:
916:
912:
911:
907:
901:
897:
880:
877:
876:
848:
844:
843:
839:
824:
820:
803:
800:
799:
773:
769:
768:
766:
763:
762:
741:
737:
736:
734:
731:
730:
706:
702:
701:
697:
686:
682:
681:
677:
662:
658:
637:
633:
624:
620:
603:
600:
599:
572:
568:
555:
552:
538:
535:
534:
508:
505:
504:
488:
485:
484:
459:
455:
454:
452:
449:
448:
430:
427:
426:
410:
407:
406:
385:
381:
379:
376:
375:
358:
354:
352:
349:
348:
331:
328:
327:
311:
308:
307:
286:
282:
281:
279:
276:
275:
258:
255:
254:
238:
235:
234:
213:
209:
208:
206:
203:
202:
184:
181:
180:
164:
161:
160:
141:
138:
137:
119:
116:
115:
113:
91:
88:
87:
81:
17:
12:
11:
5:
5601:
5591:
5590:
5585:
5580:
5575:
5570:
5556:
5555:
5545:
5536:
5527:
5516:
5515:External links
5513:
5510:
5509:
5482:(3): 131–136.
5462:
5423:Needham, R. M.
5414:
5393:(8): 533–535.
5370:
5320:
5319:
5317:
5314:
5313:
5312:
5307:
5302:
5297:
5292:
5287:
5280:
5277:
5262:
5249:
5248:
5233:
5230:
5226:
5221:
5217:
5214:
5209:
5205:
5201:
5196:
5192:
5188:
5185:
5182:
5179:
5176:
5162:
5161:
5146:
5143:
5139:
5134:
5128:
5124:
5120:
5115:
5111:
5107:
5104:
5101:
5098:
5095:
5072:
5069:
5054:
5032:
5012:
4990:
4968:
4948:
4928:
4908:
4886:
4864:
4842:
4820:
4800:
4780:
4760:
4740:
4718:
4696:
4676:
4656:
4636:
4616:
4596:
4574:
4550:
4526:
4499:
4477:
4455:
4451:
4428:
4424:
4403:
4383:
4372:
4371:
4370:
4369:
4357:
4333:
4329:
4306:
4281:
4278:
4274:
4269:
4263:
4259:
4255:
4252:
4249:
4246:
4243:
4233:
4232:
4231:
4217:
4195:
4192:
4172:
4147:
4144:
4140:
4135:
4129:
4125:
4121:
4118:
4115:
4112:
4109:
4099:
4098:
4097:
4083:
4061:
4036:
4033:
4029:
4024:
4018:
4014:
4010:
4005:
4001:
3997:
3994:
3991:
3988:
3985:
3975:
3974:
3973:
3959:
3955:
3934:
3909:
3906:
3902:
3897:
3891:
3887:
3883:
3878:
3874:
3870:
3867:
3864:
3861:
3858:
3848:
3847:
3846:
3834:
3812:
3790:
3765:
3762:
3758:
3753:
3749:
3746:
3741:
3737:
3733:
3730:
3727:
3724:
3721:
3711:
3710:
3709:
3693:
3690:
3686:
3661:
3637:
3633:
3612:
3587:
3584:
3580:
3575:
3571:
3568:
3563:
3559:
3555:
3552:
3549:
3546:
3543:
3520:
3495:
3473:
3453:
3433:
3413:
3397:
3394:
3377:
3373:
3348:
3344:
3323:
3303:
3292:
3291:
3290:
3289:
3273:
3270:
3266:
3241:
3217:
3213:
3192:
3167:
3164:
3160:
3155:
3149:
3145:
3141:
3138:
3135:
3132:
3129:
3119:
3118:
3117:
3101:
3098:
3094:
3069:
3065:
3044:
3020:
3016:
2993:
2968:
2965:
2961:
2956:
2950:
2946:
2942:
2937:
2933:
2929:
2926:
2923:
2920:
2917:
2907:
2906:
2905:
2887:
2884:
2880:
2875:
2871:
2868:
2863:
2860:
2856:
2852:
2849:
2846:
2843:
2840:
2830:
2829:
2828:
2814:
2792:
2772:
2750:
2747:
2744:
2741:
2737:
2734:
2731:
2728:
2725:
2715:
2714:
2713:
2699:
2675:
2671:
2650:
2625:
2622:
2618:
2613:
2609:
2606:
2601:
2597:
2593:
2590:
2587:
2584:
2581:
2571:
2570:
2569:
2555:
2531:
2528:
2524:
2503:
2478:
2475:
2471:
2466:
2462:
2459:
2454:
2451:
2447:
2443:
2440:
2437:
2434:
2431:
2421:
2420:
2419:
2405:
2381:
2359:
2337:
2334:
2331:
2328:
2324:
2321:
2318:
2315:
2312:
2298:
2297:
2285:
2265:
2243:
2240:
2236:
2213:
2210:
2206:
2183:
2180:
2176:
2149:
2123:
2120:
2116:
2091:
2088:
2084:
2073:
2062:
2038:
2035:
2031:
2006:
2003:
1999:
1988:
1976:
1956:
1932:
1929:
1925:
1900:
1897:
1893:
1869:
1866:
1863:
1843:
1840:
1837:
1817:
1814:
1811:
1792:
1789:
1772:
1769:
1765:
1738:
1735:
1731:
1726:
1721:
1717:
1713:
1709:
1706:
1703:
1698:
1695:
1691:
1687:
1663:
1660:
1656:
1651:
1647:
1644:
1639:
1636:
1632:
1628:
1604:
1600:
1576:
1572:
1568:
1552:
1551:
1550:
1549:
1531:
1528:
1524:
1519:
1511:
1508:
1504:
1499:
1494:
1490:
1486:
1482:
1479:
1476:
1471:
1468:
1464:
1460:
1457:
1454:
1451:
1446:
1443:
1439:
1435:
1430:
1426:
1422:
1419:
1416:
1413:
1410:
1400:
1399:
1398:
1383:
1376:
1373:
1369:
1364:
1359:
1355:
1351:
1347:
1344:
1341:
1338:
1333:
1329:
1325:
1322:
1319:
1316:
1312:
1309:
1306:
1303:
1300:
1290:
1289:
1288:
1270:
1267:
1263:
1258:
1253:
1249:
1245:
1241:
1238:
1235:
1232:
1229:
1226:
1223:
1213:
1212:
1211:
1197:
1194:
1191:
1188:
1185:
1162:
1159:
1142:
1139:
1135:
1130:
1126:
1123:
1118:
1115:
1111:
1107:
1083:
1080:
1076:
1053:
1050:
1049:
1048:
1047:
1046:
1028:
1025:
1021:
1016:
1012:
1009:
1004:
1000:
996:
993:
990:
987:
984:
974:
973:
972:
957:
954:
950:
922:
919:
915:
910:
904:
900:
896:
893:
890:
887:
884:
874:
873:
872:
854:
851:
847:
842:
838:
835:
830:
827:
823:
819:
816:
813:
810:
807:
797:
796:
795:
779:
776:
772:
747:
744:
740:
712:
709:
705:
700:
692:
689:
685:
680:
676:
673:
668:
665:
661:
657:
654:
651:
648:
643:
640:
636:
632:
627:
623:
619:
616:
613:
610:
607:
597:
596:
595:
580:
575:
571:
567:
564:
561:
558:
554:
551:
548:
545:
542:
524:
523:
512:
492:
465:
462:
458:
446:
434:
414:
388:
384:
361:
357:
346:
335:
315:
292:
289:
285:
273:
262:
242:
219:
216:
212:
200:
188:
168:
145:
123:
101:
98:
95:
80:
77:
76:
75:
72:authentication
60:
15:
9:
6:
4:
3:
2:
5600:
5589:
5586:
5584:
5581:
5579:
5576:
5574:
5571:
5569:
5566:
5565:
5563:
5553:
5552:Computerphile
5549:
5546:
5542:
5537:
5533:
5528:
5524:
5519:
5518:
5499:
5495:
5490:
5485:
5481:
5477:
5473:
5466:
5458:
5454:
5449:
5444:
5440:
5436:
5432:
5428:
5424:
5418:
5410:
5406:
5401:
5396:
5392:
5388:
5384:
5380:
5374:
5366:
5362:
5358:
5354:
5349:
5344:
5340:
5336:
5332:
5325:
5321:
5311:
5308:
5306:
5303:
5301:
5298:
5296:
5293:
5291:
5288:
5286:
5283:
5282:
5276:
5260:
5231:
5228:
5224:
5215:
5212:
5207:
5203:
5199:
5194:
5190:
5183:
5180:
5174:
5167:
5166:
5165:
5144:
5141:
5137:
5126:
5122:
5118:
5113:
5109:
5102:
5099:
5093:
5086:
5085:
5084:
5082:
5078:
5068:
5052:
5030:
5010:
4988:
4966:
4946:
4926:
4906:
4884:
4862:
4840:
4818:
4798:
4778:
4758:
4738:
4716:
4694:
4674:
4654:
4634:
4614:
4594:
4572:
4548:
4524:
4513:
4497:
4475:
4453:
4449:
4426:
4422:
4401:
4381:
4355:
4331:
4327:
4304:
4297:
4296:
4279:
4276:
4272:
4261:
4257:
4250:
4247:
4241:
4234:
4215:
4193:
4190:
4170:
4163:
4162:
4145:
4142:
4138:
4127:
4123:
4116:
4113:
4107:
4100:
4081:
4072:relays it to
4059:
4052:
4051:
4034:
4031:
4027:
4016:
4012:
4008:
4003:
3999:
3992:
3989:
3983:
3976:
3957:
3953:
3932:
3925:
3924:
3907:
3904:
3900:
3889:
3885:
3881:
3876:
3872:
3865:
3862:
3856:
3849:
3832:
3810:
3788:
3781:
3780:
3763:
3760:
3756:
3747:
3744:
3739:
3735:
3728:
3725:
3719:
3712:
3691:
3688:
3684:
3659:
3635:
3631:
3610:
3603:
3602:
3585:
3582:
3578:
3569:
3566:
3561:
3557:
3550:
3547:
3541:
3534:
3533:
3532:
3518:
3509:
3493:
3471:
3464:and convince
3451:
3431:
3424:can persuade
3411:
3403:
3393:
3375:
3371:
3346:
3342:
3321:
3301:
3271:
3268:
3264:
3239:
3215:
3211:
3190:
3183:
3182:
3165:
3162:
3158:
3147:
3143:
3136:
3133:
3127:
3120:
3099:
3096:
3092:
3067:
3063:
3042:
3018:
3014:
2991:
2984:
2983:
2966:
2963:
2959:
2948:
2944:
2940:
2935:
2931:
2924:
2921:
2915:
2908:
2903:
2902:
2885:
2882:
2878:
2869:
2866:
2861:
2858:
2854:
2847:
2844:
2838:
2831:
2812:
2790:
2770:
2763:
2762:
2745:
2742:
2739:
2732:
2729:
2723:
2716:
2697:
2673:
2669:
2648:
2641:
2640:
2623:
2620:
2616:
2607:
2604:
2599:
2595:
2588:
2585:
2579:
2572:
2553:
2529:
2526:
2522:
2501:
2494:
2493:
2476:
2473:
2469:
2460:
2457:
2452:
2449:
2445:
2438:
2435:
2429:
2422:
2403:
2379:
2357:
2350:
2349:
2332:
2329:
2326:
2319:
2316:
2310:
2303:
2302:
2301:
2283:
2263:
2241:
2238:
2234:
2211:
2208:
2204:
2181:
2178:
2174:
2165:
2147:
2121:
2118:
2114:
2089:
2086:
2082:
2074:
2060:
2036:
2033:
2029:
2004:
2001:
1997:
1989:
1974:
1954:
1930:
1927:
1923:
1898:
1895:
1891:
1883:
1882:
1881:
1864:
1838:
1812:
1800:
1798:
1788:
1770:
1767:
1763:
1736:
1733:
1729:
1719:
1715:
1711:
1707:
1704:
1701:
1696:
1693:
1689:
1661:
1658:
1654:
1645:
1642:
1637:
1634:
1630:
1602:
1598:
1574:
1570:
1566:
1557:
1547:
1546:
1529:
1526:
1522:
1509:
1506:
1502:
1492:
1488:
1484:
1480:
1477:
1474:
1469:
1466:
1462:
1455:
1452:
1449:
1444:
1441:
1437:
1433:
1428:
1424:
1417:
1414:
1408:
1401:
1396:
1395:
1374:
1371:
1367:
1357:
1353:
1349:
1345:
1342:
1336:
1331:
1327:
1323:
1320:
1317:
1314:
1307:
1304:
1298:
1291:
1286:
1285:
1268:
1265:
1261:
1251:
1247:
1243:
1239:
1236:
1230:
1227:
1221:
1214:
1209:
1208:
1195:
1192:
1189:
1183:
1176:
1175:
1174:
1172:
1168:
1158:
1140:
1137:
1133:
1124:
1121:
1116:
1113:
1109:
1081:
1078:
1074:
1063:
1059:
1058:replay attack
1044:
1043:
1026:
1023:
1019:
1010:
1007:
1002:
998:
991:
988:
982:
975:
955:
952:
948:
938:
937:
920:
917:
913:
902:
898:
891:
888:
882:
875:
870:
869:
852:
849:
845:
836:
833:
828:
825:
821:
814:
811:
805:
798:
777:
774:
770:
745:
742:
738:
728:
727:
710:
707:
703:
690:
687:
683:
674:
671:
666:
663:
659:
652:
649:
646:
641:
638:
634:
630:
625:
621:
614:
611:
605:
598:
593:
592:
573:
569:
565:
562:
559:
556:
549:
546:
540:
533:
532:
531:
529:
510:
490:
482:
463:
460:
456:
447:
432:
412:
405:generated by
404:
386:
382:
359:
355:
347:
333:
313:
290:
287:
283:
274:
260:
240:
217:
214:
210:
201:
186:
166:
159:
158:
157:
143:
121:
96:
86:
73:
69:
65:
61:
58:
54:
50:
47:, based on a
46:
42:
41:
40:
39:. These are:
38:
34:
33:Roger Needham
30:
21:
5501:. Retrieved
5479:
5475:
5465:
5438:
5434:
5417:
5390:
5386:
5373:
5338:
5334:
5324:
5250:
5163:
5080:
5074:
4514:
4373:
4317:re-encrypts
3510:
3399:
3293:
2299:
1802:Here, Alice
1801:
1794:
1558:. Note that
1553:
1164:
1055:
525:
445:respectively
82:
63:
44:
28:
26:
3055:along with
481:session key
66:, based on
57:session key
5562:Categories
5503:2008-04-17
5316:References
5077:Gavin Lowe
2544:alongside
5484:CiteSeerX
5343:CiteSeerX
5178:→
5097:→
4245:→
4183:decrypts
4111:→
3987:→
3860:→
3723:→
3545:→
3203:confirms
3131:→
2919:→
2842:→
2803:requests
2727:→
2583:→
2433:→
2370:requests
2314:→
1412:→
1302:→
1225:→
1187:→
1171:timestamp
1008:−
986:→
886:→
809:→
609:→
544:→
5457:33658476
5441:(1): 7.
5429:(1987).
5285:Kerberos
5279:See also
4899:. Since
2166:, i.e.,
1828:and Bob
1720:′
1575:′
1493:′
1358:′
1252:′
53:Kerberos
5409:3228356
5365:7704786
5295:Yahalom
5273:
5253:
5065:
5045:
5001:
4981:
4897:
4877:
4853:
4833:
4729:
4709:
4585:
4565:
4561:
4541:
4537:
4517:
4510:
4490:
4346:
4319:
4228:
4208:
4094:
4074:
3823:
3803:
3706:
3676:
3672:
3652:
3506:
3486:
3390:
3363:
3286:
3256:
3252:
3232:
3114:
3084:
3033:
3006:
2825:
2805:
2710:
2690:
2566:
2546:
2416:
2396:
2392:
2372:
2160:
2140:
2136:
2106:
2051:
2021:
1945:
1915:
1785:
1755:
1617:
1590:
1096:
1066:
1062:Denning
134:
114:
5486:
5455:
5407:
5363:
5345:
4687:sends
3945:sends
3623:sends
403:nonces
83:Here,
5453:S2CID
5405:S2CID
5361:S2CID
1556:above
794:with.
85:Alice
5043:and
4488:and
4441:and
3361:and
3314:and
2276:and
2104:and
2019:and
1913:and
503:and
425:and
401:are
374:and
326:and
253:and
179:and
62:The
43:The
35:and
27:The
5550:by
5494:doi
5443:doi
5395:doi
5353:doi
3650:to
3230:to
5564::
5492:.
5480:56
5478:.
5474:.
5451:.
5439:21
5437:.
5433:.
5425:;
5403:.
5391:24
5389:.
5385:.
5359:.
5351:.
5339:21
5337:.
5333:.
5275:.
5003:.
4855:.
4811:.
4731:.
4512:.
3508:.
1799:.
1787:.
530::
136:.
5554:.
5506:.
5496::
5459:.
5445::
5411:.
5397::
5367:.
5355::
5261:B
5232:A
5229:P
5225:K
5220:}
5216:B
5213:,
5208:B
5204:N
5200:,
5195:A
5191:N
5187:{
5184::
5181:A
5175:B
5145:A
5142:P
5138:K
5133:}
5127:B
5123:N
5119:,
5114:A
5110:N
5106:{
5103::
5100:A
5094:B
5053:B
5031:A
5011:I
4989:I
4967:B
4947:A
4927:A
4907:I
4885:A
4863:B
4841:I
4819:B
4799:B
4779:A
4759:B
4739:I
4717:I
4695:I
4675:A
4655:B
4635:I
4615:A
4595:A
4573:I
4549:B
4525:A
4498:B
4476:A
4454:B
4450:N
4427:A
4423:N
4402:A
4382:B
4356:B
4332:B
4328:N
4305:I
4280:B
4277:P
4273:K
4268:}
4262:B
4258:N
4254:{
4251::
4248:B
4242:I
4216:I
4194:B
4191:N
4171:A
4146:I
4143:P
4139:K
4134:}
4128:B
4124:N
4120:{
4117::
4114:I
4108:A
4096:.
4082:A
4060:I
4035:A
4032:P
4028:K
4023:}
4017:B
4013:N
4009:,
4004:A
4000:N
3996:{
3993::
3990:A
3984:I
3972:.
3958:B
3954:N
3933:B
3908:A
3905:P
3901:K
3896:}
3890:B
3886:N
3882:,
3877:A
3873:N
3869:{
3866::
3863:I
3857:B
3833:A
3811:B
3789:I
3764:B
3761:P
3757:K
3752:}
3748:A
3745:,
3740:A
3736:N
3732:{
3729::
3726:B
3720:I
3708:.
3692:I
3689:S
3685:K
3660:I
3636:A
3632:N
3611:A
3586:I
3583:P
3579:K
3574:}
3570:A
3567:,
3562:A
3558:N
3554:{
3551::
3548:I
3542:A
3519:S
3494:A
3472:B
3452:B
3432:A
3412:I
3376:B
3372:N
3347:A
3343:N
3322:B
3302:A
3288:.
3272:A
3269:S
3265:K
3240:B
3216:B
3212:N
3191:A
3166:B
3163:P
3159:K
3154:}
3148:B
3144:N
3140:{
3137::
3134:B
3128:A
3116:.
3100:B
3097:S
3093:K
3068:A
3064:N
3043:A
3019:B
3015:N
2992:B
2967:A
2964:P
2960:K
2955:}
2949:B
2945:N
2941:,
2936:A
2932:N
2928:{
2925::
2922:A
2916:B
2886:S
2883:S
2879:K
2874:}
2870:A
2867:,
2862:A
2859:P
2855:K
2851:{
2848::
2845:B
2839:S
2813:A
2791:B
2771:B
2746:A
2743:,
2740:B
2733::
2730:S
2724:B
2712:.
2698:B
2674:A
2670:N
2649:A
2624:B
2621:P
2617:K
2612:}
2608:A
2605:,
2600:A
2596:N
2592:{
2589::
2586:B
2580:A
2554:B
2530:B
2527:P
2523:K
2502:S
2477:S
2474:S
2470:K
2465:}
2461:B
2458:,
2453:B
2450:P
2446:K
2442:{
2439::
2436:A
2430:S
2418:.
2404:S
2380:B
2358:A
2333:B
2330:,
2327:A
2320::
2317:S
2311:A
2284:B
2264:A
2242:S
2239:P
2235:K
2212:S
2209:P
2205:K
2182:S
2179:S
2175:K
2148:S
2122:S
2119:S
2115:K
2090:S
2087:P
2083:K
2061:B
2037:B
2034:S
2030:K
2005:B
2002:P
1998:K
1975:S
1967:(
1955:A
1931:A
1928:S
1924:K
1899:A
1896:P
1892:K
1868:)
1865:S
1862:(
1842:)
1839:B
1836:(
1816:)
1813:A
1810:(
1771:S
1768:B
1764:K
1737:S
1734:B
1730:K
1725:}
1716:B
1712:N
1708:,
1705:A
1702:,
1697:B
1694:A
1690:K
1686:{
1662:S
1659:B
1655:K
1650:}
1646:A
1643:,
1638:B
1635:A
1631:K
1627:{
1603:B
1599:N
1571:B
1567:N
1530:S
1527:A
1523:K
1518:}
1510:S
1507:B
1503:K
1498:}
1489:B
1485:N
1481:,
1478:A
1475:,
1470:B
1467:A
1463:K
1459:{
1456:,
1453:B
1450:,
1445:B
1442:A
1438:K
1434:,
1429:A
1425:N
1421:{
1418::
1415:A
1409:S
1375:S
1372:B
1368:K
1363:}
1354:B
1350:N
1346:,
1343:A
1340:{
1337:,
1332:A
1328:N
1324:,
1321:B
1318:,
1315:A
1308::
1305:S
1299:A
1269:S
1266:B
1262:K
1257:}
1248:B
1244:N
1240:,
1237:A
1234:{
1231::
1228:A
1222:B
1196:A
1193::
1190:B
1184:A
1141:S
1138:B
1134:K
1129:}
1125:A
1122:,
1117:B
1114:A
1110:K
1106:{
1082:B
1079:A
1075:K
1027:B
1024:A
1020:K
1015:}
1011:1
1003:B
999:N
995:{
992::
989:B
983:A
956:B
953:A
949:K
921:B
918:A
914:K
909:}
903:B
899:N
895:{
892::
889:A
883:B
853:S
850:B
846:K
841:}
837:A
834:,
829:B
826:A
822:K
818:{
815::
812:B
806:A
778:S
775:B
771:K
746:B
743:A
739:K
711:S
708:A
704:K
699:}
691:S
688:B
684:K
679:}
675:A
672:,
667:B
664:A
660:K
656:{
653:,
650:B
647:,
642:B
639:A
635:K
631:,
626:A
622:N
618:{
615::
612:A
606:S
574:A
570:N
566:,
563:B
560:,
557:A
550::
547:S
541:A
511:B
491:A
464:B
461:A
457:K
433:B
413:A
387:B
383:N
360:A
356:N
334:S
314:B
291:S
288:B
284:K
261:S
241:A
218:S
215:A
211:K
187:B
167:A
144:S
122:B
100:)
97:A
94:(
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.
