The Needham-Schroeder protocol is a cryptographic protocol designed to establish secure communication between two parties over an insecure network. It was proposed by Roger Needham and Michael Schroeder in 1978 and has since become a fundamental protocol in network security.
The protocol involves three main entities:
A trusted server
Initiator (Alice)
Responder (Bob)
Its goal is to establish a shared session key between initiator and responder, which can be used for secure communication.
Step 1:
Alice informs the trusted server (S) about her intention to contact Bob. Alice includes her identity (A), Bob's identity (B), and a random nonce (Ni) to identify the session. It's important to note that the server (S) cannot determine if it is indeed Alice or an impersonator.
Step 2:
Upon receiving Alice's request, the trusted server (S) replies with a message encrypted under the shared key KAS, ensuring that only Alice can read it. Alice recognizes her nonce (Ni) and assumes the response is fresh. She obtains the session key (KAB) and receives the ticket {KAB, A}KBS. However, Alice cannot read or modify the ticket, as it is protected by the key KBS, which Alice does not hold.
Step 3:
Alice forwards the ticket {KAB, A}KBS to Bob, allowing him to decrypt the ticket and learn that Alice (A) wishes to establish communication with him. Bob also obtains the session key KAB.
Step 4:
Bob responds by sending a nonce (Nj) to Alice, encrypted with the session key KAB. Although Alice has not seen Nj before, she recognizes KAB as the new session key, which indicates that Bob knows the shared key.
Step 5:
To ensure authenticity, Alice sends a modified nonce (Nj - 1) to Bob, encrypted with the new session key KAB. Because only Alice possesses Nj, Bob can confirm the origin of the message. The change from Nj to Nj - 1 differentiates the messages sent in steps 4 and 5, preventing replay attacks.
Step 6:
Alice and Bob have now established a secure connection and can communicate safely using their session key KAB.
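The exchange in steps 1 to 5, run in a single Python process, as an added example that is not part of the original page. The `seal`/`unseal` helpers are a toy stand-in for encryption under KAS, KBS and KAB (built here from SHA-256 and HMAC, an assumption of this sketch), and all function and field names are hypothetical; the B field in the step 2 reply follows the protocol's published message format.

```python
import hashlib, hmac, json, secrets

def _stream(key, iv, n):
    # SHA-256 in counter mode used as a keystream (toy construction, assumption)
    out = b"".join(hashlib.sha256(key + iv + i.to_bytes(4, "big")).digest()
                   for i in range(n // 32 + 1))
    return out[:n]

def seal(key, obj):
    """Toy stand-in for {obj}key: XOR keystream, then HMAC-SHA256 tag. Not for production."""
    pt, iv = json.dumps(obj).encode(), secrets.token_bytes(16)
    ct = iv + bytes(a ^ b for a, b in zip(pt, _stream(key, iv, len(pt))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    iv, body = ct[:16], ct[16:]
    return json.loads(bytes(a ^ b for a, b in zip(body, _stream(key, iv, len(body)))))

def run_protocol():
    k_as, k_bs = secrets.token_bytes(32), secrets.token_bytes(32)  # long-term keys KAS, KBS
    # Step 1, A -> S (plaintext): A, B, Ni
    n_i = secrets.randbits(64)
    req = {"a": "A", "b": "B", "ni": n_i}
    # Step 2, S -> A: {Ni, B, KAB, {KAB, A}KBS}KAS
    k_ab = secrets.token_hex(32)
    ticket = seal(k_bs, {"kab": k_ab, "a": req["a"]})
    msg2 = seal(k_as, {"ni": req["ni"], "b": req["b"], "kab": k_ab, "ticket": ticket.hex()})
    reply = unseal(k_as, msg2)  # Alice decrypts with KAS
    if reply["ni"] != n_i or reply["b"] != "B":
        raise ValueError("stale or misdirected server reply")
    alice_key = bytes.fromhex(reply["kab"])
    # Step 3, A -> B: Alice forwards the opaque ticket; Bob opens it with KBS
    opened = unseal(k_bs, bytes.fromhex(reply["ticket"]))
    bob_key, peer = bytes.fromhex(opened["kab"]), opened["a"]
    # Step 4, B -> A: {Nj}KAB
    n_j = secrets.randbits(64)
    msg4 = seal(bob_key, {"nj": n_j})
    # Step 5, A -> B: {Nj - 1}KAB, which Bob checks against his own Nj
    msg5 = seal(alice_key, {"nj_minus_1": unseal(alice_key, msg4)["nj"] - 1})
    if unseal(bob_key, msg5)["nj_minus_1"] != n_j - 1:
        raise ValueError("key confirmation failed")
    return alice_key, bob_key, peer, ticket

if __name__ == "__main__":
    a_key, b_key, peer, _ = run_protocol()
    print("shared key established:", a_key == b_key, "| peer seen by Bob:", peer)
```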
There are some limitations to the Needham-Schroeder protocol.
It provides no protection for past communications if long-term keys are compromised.
The protocol is susceptible to replay attacks if an attacker gains access to the shared secret keys and can intercept and replay messages, compromising the integrity of the communication.
Its reliance on a trusted server creates a central vulnerability.
It relies on a pre-existing trust relationship with a trusted server.
It lacks measures to mitigate Denial-of-Service attacks.
The Needham-Schroeder protocol is utilized in several different applications, including:
The Needham-Schroeder protocol ensures secure communication and authentication using trusted third parties. It is a crucial component in network security, enabling secure communication over untrusted networks.