Entity authentication goes further than verifying passwords. This session focuses on the properties of various authentication factors and protocols, including securely establishing cryptographic keys.
Abstract Entity authentication is about providing proof related to an identity. The most straightforward example of entity authentication is a password. Passwords are a vulnerable, but cheap and convenient way of authenticating an entity. However, in today’s reality, passwords on their own are not enough.
That's where authentication protocols and key establishment protocols come into the picture. In this session, we dive deep into entity authentication. We discuss common authentication factors, such as smart cards, tokens or biometrics. These authentication factors play an important role in deploying multifactor authentication schemes. We investigate the use of authentication servers and authentication protocols. Finally, we analyze the challenges faced by key establishment protocols.
This session is intended for anyone building, designing or securing applications.