Back-to-Basics Weekend Reading - Using Encryption for Authentication
Now that I am enjoying some time in Seattle with real weekends, I like to remind you that my reading list is called back-to-basics. My goal with reading these papers is that by revisiting the original problems systems researchers were trying to solve you get a much better understanding of the challenges we are often still faced with today. That means that many papers on these papers are “old”, as I was recently told, even published before some of you were born :-).
That might definitely be the case with this famous Needham - Schroeder paper from 1978. Roger Needham and Mike Schroeder were some of the first researchers to tackle the problem of secure communication over insecure networks; their protocols deal with how to authenticate both parties and how to establish a secure channel between the parties. All of this is a world that is large enough to make centralized authentication impractical. Doesn’t sound to different from some challenges we are still being faced with today, does it?
Using Encryption for Authentication in Large Networks of Computers, Roger M. Needham and Michael D. Schroeder, Communications of the ACM 21(12), December 1978, pp.993-998.