Entity authentication provides confidence in the claimed identity of a peer entity, but the manner in which this goal is achieved results in different types of authentication. An important factor in this regard is the order between authentication and the execution of the associated session. In this paper, we consider the case of post-session authentication, where parties authenticate each other at the end of their interactive session. This use of authentication is different from session-less authentication (e.g., in RFID) and pre-session authentication (e.g., for access control.) Post-session authentication, although a new term, is not a new concept; it is the basis of at least a few practical schemes. We, for the first time, systematically study it and present the underlying authentication model. Further, we show that an important class of problems is solvable using post-session authentication as the only setup assumption. We hope post-session authentication can be used to devise new strategies for building trust among strangers.
|Title of host publication||Trust Management VI : 6th IFIP WG 11.11 International Conference, IFIPTM 2012, Surat, India, May 21-25, 2012. Proceedings|
|Publication status||Published - 2012|
|Event||6th IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2012) - Surat, India|
Duration: 21 May 2012 → 25 May 2012
|Conference||6th IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2012)|
|Period||21/05/2012 → 25/05/2012|
|Series||IFIP AICT - Advances in Information and Communication technology|