Yahalom (protocol)
Yahalom is an authentication and secure key-sharing protocol designed for use on an insecure network such as the Internet. Yahalom uses a trusted arbitrator to distribute a shared key between two people. This protocol can be considered as an improved version of Wide Mouth Frog protocol, but less secure than the Needham–Schroeder protocol.
Protocol description
If Alice initiates the communication to Bob with S is a server trusted by both parties, the protocol can be specified as follows using security protocol notation:- A and B are identities of Alice and Bob respectively
- is a symmetric key known only to A and S
- is a symmetric key known only to B and S
- and are nonces generated by A and B respectively
- is a symmetric, generated key, which will be the session key of the session between A and B
BAN-Yahalom
Burrows?, Abadi? and Needham proposed a variant of this protocol in their 1989 paper as follows:In 1994, Paul Syverson demonstrated two attacks on this protocol.