Woo–Lam Explained

In cryptography, Woo–Lam refers to various computer network authentication protocols designed by Simon S. Lam and Thomas Woo.^[1] The protocols enable two communicating parties to authenticate each other's identity and to exchange session keys, and involve the use of a trusted key distribution center (KDC) to negotiate between the parties. Both symmetric-key and public-key variants have been described. However, the protocols suffer from various security flaws, and in part have been described as being inefficient compared to alternative authentication protocols.^[2]

Public-key protocol

Notation

The following notation is used to describe the algorithm:

- network nodes. - public key of node . - private key of . - nonce chosen by . - unique identifier of . - public-key encryption using key . - digital signature using key . - random session key chosen by the KDC. - concatenation.

It is assumed that all parties know the KDC's public key.

Message exchange

The original version of the protocol^[3] had the identifier

omitted from lines 5 and 6, which did not account for the fact that is unique only among nonces generated by A and not by other parties. The protocol was revised after the authors themselves spotted a flaw in the algorithm.^{[4] [2]}

See also

• Kerberos
• Needham–Schroeder protocol
• Otway–Rees protocol

Notes and References

1. Book: Colin Boyd . Anish Mathuria . Protocols for authentication and key establishment. limited. 2003. Springer. 978-3-540-43107-7. 78 and 99.
2. Book: Stallings, William. Cryptography and Network Security Principles and Practices, Fourth Edition. 2005. Prentice Hall. 978-0-13-187316-2. 387.
3. Thomas Y.C. Woo . Simon S. Lam . Authentication for Distributed Systems. Computer. January 1992. 25. 1. 39–52. 10.1109/2.108052. 10.1.1.38.9374.
4. T.Y.C. Woo . S.S. Lam . Authentication Revisited. Computer. March 1992. 25. 3. 10. 10.1109/2.121502.