Wide Mouth Frog
|
Wide Mouth Frog is a computer network authentication protocol designed for use on insecure networks (the Internet for example). It allows individuals communicating over a network to prove their identity to each other while also preventing evesdropping or replay attacks, and provides for detection of modification and the prevention of unauthorized reading.
The protocol can be specified as follows in security protocol notation, where Alice is authenticating herself to Bob using a server S:
<math>A \rightarrow S: A,\{T_A, K_{AB}, B\}_{K_{AS}}<math>
<math>S \rightarrow B: \{T_S, K_{AB}, A\}_{K_{BS}}<math>
The protocol has several problems
- a global clock is required
- the server has access to all keys
- the value of the shared key between A and B is completely determined by A.
- See also: Kerberos, Otway-Rees, Needham-Schroeder.