Yahalom is an authentication and secure key-sharing protocol designed for use on an insecure network such as the Internet.
Yahalom uses a trusted arbitrator to distribute a shared key between two people.
This protocol can be considered as an improved version of Wide Mouth Frog protocol (with additional protection against man-in-the-middle attack), but less secure than the Needham–Schroeder protocol.
If Alice (A) initiates the communication to Bob (B) with S is a server trusted by both parties, the protocol can be specified as follows using security protocol notation:
{\displaystyle B\rightarrow S:B,\{A,N_{A},N_{B}\}_{K_{BS}}}
{\displaystyle S\rightarrow A:\{B,K_{AB},N_{A},N_{B}\}_{K_{AS}},\{A,K_{AB}\}_{K_{BS}}}
{\displaystyle A\rightarrow B:\{A,K_{AB}\}_{K_{BS}},\{N_{B}\}_{K_{AB}}}
Burrows, Abadi and Needham proposed a variant of this protocol in their 1989 paper as follows:[1]
{\displaystyle S\rightarrow A:N_{B},\{B,K_{AB},N_{A}\}_{K_{AS}},\{A,K_{AB},N_{B}\}_{K_{BS}}}
{\displaystyle A\rightarrow B:\{A,K_{AB},N_{B}\}_{K_{BS}},\{N_{B}\}_{K_{AB}}}
In 1994, Paul Syverson demonstrated two attacks on this protocol.
[1] This cryptography-related article is a stub.
You can help Wikipedia by expanding it.