The Neuman–Stubblebine protocol is a computer network authentication protocol designed for use on insecure networks (e.g., the Internet).
It allows individuals communicating over such a network to prove their identity to each other.
This protocol utilizes time stamps, but does not depend on synchronized clocks.
If Alice (A) initiates the communication to Bob (B) with S is a server trusted by both parties, the protocol can be specified as follows using security protocol notation:
Alice forwards the message and verifies
Bob will verify
have not changed when he receives the message.
An advantage provided by this protocol is that Alice can utilize the trusted Server's message to initiate authentication with Bob within some predetermined time limit without utilizing the trusted Server.
The protocol proceeds as follows using the same definitions as above.
Using the theorem prover SPASS it has been shown that this protocol can be attacked.
[1] This attack and two more from [2] are outlined in [1].
Schneier, Bruce (1996), Applied Cryptography, John Wiley & Sons, pp.