In cryptography, Woo–Lam refers to various computer network authentication protocols designed by Simon S. Lam and Thomas Woo.
[1][2] The protocols enable two communicating parties to authenticate each other's identity and to exchange session keys, and involve the use of a trusted key distribution center (KDC) to negotiate between the parties.
However, the protocols suffer from various security flaws, and in part have been described as being inefficient compared to alternative authentication protocols.
[3] The following notation is used to describe the algorithm: It is assumed that all parties know the KDC's public key.
The protocol was revised after the authors themselves spotted a flaw in the algorithm.