# Woo–Lam

In cryptography, **Woo–Lam** refers to various computer network authentication protocols designed by Simon S. Lam and Thomas Woo.^{[1]}^{[2]} The protocols enable two communicating parties to authenticate each other's identity and to exchange session keys, and involve the use of a trusted key distribution center (KDC) to negotiate between the parties. Both symmetric-key and public-key variants have been described. However, the protocols suffer from various security flaws, and in part have been described as being inefficient compared to alternative authentication protocols.^{[3]}

## Public-key protocol

### Notation

The following notation is used to describe the algorithm:

- - network nodes.
- - public key of node .
- - private key of .
- - nonce chosen by .
- - unique identifier of .
- - public-key encryption using key .
- - digital signature using key .
- - random session key chosen by the KDC.
- - concatenation.

It is assumed that all parties know the KDC's public key.

### Message exchange

The original version of the protocol^{[4]} had the identifier omitted from lines 5 and 6, which did not account for the fact that is unique only among nonces generated by A and not by other parties. The protocol was revised after the authors themselves spotted a flaw in the algorithm.^{[1]}^{[3]}

## See also

## References

- 1 2 T.Y.C. Woo, S.S. Lam (March 1992). "Authentication Revisited".
*Computer*. IEEE.**25**(3). doi:10.1109/2.121502. - ↑ Colin Boyd, Anish Mathuria (2003).
*Protocols for authentication and key establishment*. Springer. p. 78 and 99. ISBN 978-3-540-43107-7. - 1 2 Stallings, William (2005).
*Cryptography and Network Security Principles and Practices, Fourth Edition*. Prentice Hall. p. 387. ISBN 0-13-187316-4. - ↑ Thomas Y.C. Woo, Simon S. Lam (January 1992). "Authentication for Distributed Systems".
**25**(1). IEEE: 39–52. doi:10.1109/2.108052.