Introduction
Let's say you need to prove your identity to someone else. According to some, this can be done in one of three ways, depending on who you are, what you know, or what you have. This is the main foundation of identification, as we will see in this article.
Throughout this article, the terms identification and entity authentication are used synonymously. There is a distinction between weak, strong, and zero-knowledge authentication. In the literature, identification sometimes refers to a claimed or stated identity, whereas entity authentication refers to a validated identity.
Identification or Entity Authentication
Entity authentication is the procedure by which one entity (the verifier) confirms the identity of another entity (the claimant) engaging in a protocol. This assurance is typically obtained by requiring the claimant to provide the verifier with corroborating evidence of the claimed identity. The claimed identity can be presented to the verifier as part of the procedure or inferred from context.
Identification protocol is often used as a synonym for entity authentication. Still, it can also refer to claiming or stating an identity without offering the corroborating evidence required for entity authentication. When using this term, care must be taken to ensure that the correct interpretation is used.
Objective of Identification Protocol
From the verifier's perspective, the outcome of an entity authentication protocol is either acceptance of the claimant's identity as authentic (completion with acceptance) or termination without acceptance (rejection). The following are the specific objectives of an identification protocol.
In the case of trustworthy parties A and B, A can successfully authenticate itself to B. Then B will complete the protocol after accepting the identity of A.
Transferability: It must be impossible to reuse an identification exchange with A to successfully impersonate A to a third party C.
Impersonation: The likelihood that any party C, different from A, following the protocol and playing the role of A, will cause B to complete and accept A's identity is negligible. In this context, negligible typically means "so small as to be of no practical significance"; the precise definition depends on the application.
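The three objectives above can be observed in a minimal challenge-response exchange. The following Python code is an added example, not part of the original article; the HMAC-SHA256 construction and the names Verifier, respond and demo are assumptions chosen for illustration, and the keys are constructed sample values.

```python
import hashlib
import hmac
import secrets

def _encode(*fields):
    # Length-prefix each field so the MAC input is unambiguous.
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)

def respond(key, claimant_id, verifier_id, nonce):
    """Claimant side: prove knowledge of key without transmitting it."""
    msg = _encode(claimant_id.encode(), verifier_id.encode(), nonce)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Verifier:
    def __init__(self, name, keys):
        self.name = name      # verifier identity, bound into every response
        self.keys = keys      # claimed identity -> shared secret
        self.pending = {}     # claimed identity -> outstanding nonce

    def challenge(self, claimed_id):
        self.pending[claimed_id] = secrets.token_bytes(16)
        return self.pending[claimed_id]

    def verify(self, claimed_id, response):
        nonce = self.pending.pop(claimed_id, None)  # each nonce is single-use
        key = self.keys.get(claimed_id)
        if nonce is None or key is None:
            return False
        expected = respond(key, claimed_id, self.name, nonce)
        return hmac.compare_digest(expected, response)

def demo():
    key_a = secrets.token_bytes(32)       # constructed sample secret for A
    b = Verifier("B", {"A": key_a})
    c = Verifier("C", {"A": key_a})       # worst case: same key registered at C
    results = {}
    # Honest run: A answers B's fresh challenge and is accepted.
    captured = respond(key_a, "A", "B", b.challenge("A"))
    results["honest"] = b.verify("A", captured)
    # Impersonation: a party without A's key answers a challenge.
    forged = respond(secrets.token_bytes(32), "A", "B", b.challenge("A"))
    results["impostor"] = b.verify("A", forged)
    # Replay: the recorded response is sent against a new challenge from B.
    b.challenge("A")
    results["replay"] = b.verify("A", captured)
    # Transfer: the recorded response is presented to a different verifier C.
    c.challenge("A")
    results["transfer"] = c.verify("A", captured)
    return results
```

The recorded response fails at both B and C because it is tied to one nonce and one verifier name. With a shared symmetric key the verifier itself holds the secret, so keeping a verifier from impersonating the claimant elsewhere needs a distinct key per verifier or a public-key technique.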
Identification Protocol Basis
Entity authentication techniques can be divided into three main categories based on which of the following is used to secure the entity:
Something Known
Examples include shared passwords (sometimes used to generate a symmetric key), PINs, and secret or private keys whose knowledge is demonstrated in challenge-response protocols.
Something Possessed
This is typically a physical accessory that functions similarly to a passport. Some of the examples are listed below:
Something Inherent
Methods that use human physical characteristics and involuntary actions (biometrics), such as handwritten signatures, voice, fingerprints, retinal patterns, hand geometries, and dynamic keyboarding characteristics, fall into this category.
Applications of Identification Protocol
One of the primary purposes of identification, when an access privilege is linked to a specific identity, is to facilitate access control to a resource, such as:
Local or remote access to computer accounts.
Withdrawals from automated teller machines.
Permissions to communicate via a communications port.
Use of software applications.
Physical access to prohibited areas or border crossings.
A password scheme used to gain access to a user's computer account is the most basic example of an access control matrix. Each resource has a list of associated identities, e.g., a computer account that authorized entities may access. Successful corroboration of an identity grants access to the authorized resources listed for that entity.
The motivation for identification in many applications, for example, cellular telephony, is to allow the resource usage to be tracked to the identified entities, allowing appropriate billing. Identification is also commonly required in authenticated key establishment protocols.
Properties of Identification Protocol
Identification protocols can have a variety of properties. Users are interested in the following properties:
Identification reciprocity: Either one or both parties may confirm their identities to the other, giving unilateral or mutual identification respectively. Some techniques, like fixed-password schemes, may be vulnerable to an entity impersonating a verifier to obtain a claimant's password.
Computation Efficiency: The number of operations needed to carry out a protocol.
Effective communication: Includes the number of passes (message exchanges) and the required bandwidth (total number of bits transmitted).
Involvement of a third party in real-time: Examples of third parties include an online trusted third party distributing standard symmetric keys to the entities for authentication purposes and an online (untrusted) directory service distributing public-key certificates supported by an offline certification authority.
Trust required in a third party: For example, relying on a third party with access to an entity's private key to correctly authenticate and link the entity's name to a public key.
Security guarantees: Provable security and zero-knowledge properties are two examples.
Secrets storage: This includes the location and method of storing critical keying material (e.g., software only, local disks, hardware tokens, etc.).
Frequently Asked Questions
What exactly is entity authentication?
The procedure of assuring the identity of an entity engaging with a system (e.g., to access a resource).
What are the three different kinds of authentication?
There are three authentication factors: something you know, such as a password or PIN; something you have, such as a token or bank card; and something you are, meaning biometrics such as fingerprints and voice recognition.
What exactly is an identification protocol?
An identification protocol generally consists of claimant A and verifier B. The verifier is presented with or assumes the claimant's purported identity beforehand. The goal is to confirm that the claimant's identity is indeed A, i.e. A provides entity authentication.
What are the properties of the Identification protocol?
Identification reciprocity, computation efficiency, and effective communication are a few of the main properties of identification protocol.
Conclusions
In this blog, we have learned about Entity authentication or Identification. Also, we learned what the Identification Protocol’s basis, applications and properties are.