authentication and secret key establishment# Security - 系统安全
c*o
1 楼
I have a client/server application need to communicate securely. The client
needs to input username/passwd to access the server and the client knows the
public key of the server (Ku). My two-way authentication and secret key
establishment protocol is as follows:
1. The client sends Ku(username||passwd||N1) to the server. N1 is a random
number generated by the client in this session.
2. The server decrypts the message using the private key and verify the
username/passwd by consulting a database.
needs to input username/passwd to access the server and the client knows the
public key of the server (Ku). My two-way authentication and secret key
establishment protocol is as follows:
1. The client sends Ku(username||passwd||N1) to the server. N1 is a random
number generated by the client in this session.
2. The server decrypts the message using the private key and verify the
username/passwd by consulting a database.