The identity concept – Entity Authentication

5.1 The identity concept

Let’s recall from Chapter 2, Secure Channel and the CIA Triad that entity authentication is the ability to assure one communicating party – using fresh supporting evidence – of the identity of a second communicating party and to ensure that the second party was actually active when the supporting evidence was generated [117].

But what do we actually mean by the term identity? According to the Merriam-Webster online dictionary, identity is the distinguishing character or personality of an individual as well as the condition of being the same with something described or asserted. In cryptography, identity typically refers to a unique property of a communicating party. This actually can mean a lot of things; it might be the name that can be found in your passport, or the pseudonym you have chosen for yourself when posting on www.dogforums.com. As communicating parties very often involve computers, it might also be the name of a server. In the TLS context, it is most often the Fully Qualified Domain Name (FQDN). So, the term identity can have many different meanings that change from context to context.

Identity plays an important role in cryptography and, in particular, in secure communication. In addition to keeping a message sent by Bob to Alice confidential, Alice needs assurance that this message is indeed from Bob. The following example illustrates why identity verification is important for security.

Imagine that Alice and Bob are two generals besieging Eve’s stronghold. Although Eve is too weak to break the siege, Alice and Bob must act in a coordinated manner if they want to succeed. That is, in order to capture Eve’s stronghold, Alice and Bob must attack simultaneously.

To communicate with each other, Alice and Bob use messengers (after all, the internet will not be invented for the next 500 years or so). The messengers are trustworthy but Alice and Bob do not know each other’s messengers in advance.

To deliver their message, a messenger has to cross a valley controlled by Eve’s army and, therefore, can be captured. If this happens, the genuine messenger is replaced by Eve’s messenger, who delivers a message of Eve’s choice to Alice or Bob. This way, Eve can easily defeat Alice and Bob by faking a message. Namely, if Alice sends Bob a message that they both shall attack at a certain time, and Eve captures the messenger, she can simply replace Alice’s original message with a fake one saying that Alice will attack at a different time. If, instead, Alice’s message tells Bob not to attack yet, Eve can present Bob with a message to attack right away. In both cases, Alice and Bob lose.

This example illustrates that in certain situations, the confidentiality and integrity of the information alone are not sufficient. Alice and Bob need to be sure that the message they are receiving actually originates from the other legitimate party. This means Alice and Bob are in need of the security objective message authentication.

Let’s come back into the present and imagine that Alice and Bob are engaged in some kind of real-time interaction, such as a phone call. But something about Bob’s voice seems strange to Alice. It might just be some atmospheric noise, or could it be that Bob’s phone has been stolen? In this case, Alice wants to verify the identity of the party she is currently interacting with, in other words, she needs entity authentication or, synonymously, identification. For example, she might ask Bob a question that only Bob could answer, such as ”Where did we first meet?” and, based on the answer, decide whether she is really talking to Bob.

Note that in both examples, neither message authentication nor entity authentication directly leads to a secure channel between Alice and Bob. This is because after the authenticity of Alice’s message and the identity of Bob are verified, an attacker might still take over the channel, for example, by pushing Bob away from his phone. In order to get a secure channel, Alice and Bob need to establish a key between them by way of an authenticated key exchange. However, entity authentication forms an important part of authenticated key establishment – after all, you need to be sure with whom you are going to share a secret key.