Authentication

Terms and concepts you should know

Paul Krzyzanowski

March 27, 2022

Key exchange and authentication

  • Identification
  • Authentication
  • Authorization
  • Pre-shared key
  • Mutual authentication
  • Trusted third party
  • Session key
  • Security protocol notation
  • Nonce
  • Replay attack
  • Needham-Schroeder protocol
  • Denning-Sacco modification
  • Otway-Rees Protocol
  • Kerberos
    • Authentication Service
    • Ticket Granting Service
    • Ticket
  • Public key authentication

User authentication

  • Factors of authentication
  • Multi-factor authentication
  • Password Authentication Protocol (PAP)
  • Password hashes
  • Dictionary attack
  • Precomputed hashes
  • Salt
  • Password manager
  • Reusable vs. one-time passwords
  • One-time passwords
    • Forms of one-time passwords
    • Sequence-based passwords: S/Key
    • Challenge-based passwords: CHAP
    • Time-based passwords: TOTP
    • Hash-based passwords: HOTP
    • You don’t need to know RSA SecurID, SASL
    • Main-in-the-middle (MitM) attacks
Last modified January 17, 2024.
recycled pixels