Mutual authentication

Schemes that have a mutual authentication step may use different methods of encryption, communication, and verification, but they all share one thing in common: each entity involved in the communication is verified. If Alice wants to communicate with Bob, they will both authenticate the other and verify that it is who they are expecting to communicate with before any data or messages are transmitted. A mutual authentication process that exchanges user IDs may be implemented as follows: • Alice sends a message encrypted with Bob's public key to Bob to show that Alice is a valid user. • Bob verifies the message: • Bob checks the format and timestamp. If either is incorrect or invalid, the session is aborted. • The message is then decrypted with Bob's secret key, giving Alice's ID. • Bob checks if the message matches a valid user. If not, the session is aborted. • Bob sends Alice a message back, encrypted with Alice's public key, to show that Bob is a valid user. • Alice verifies the message: • Alice checks the format and timestamp. If either is incorrect or invalid, the session is aborted. • The message is then decrypted with Alice's secret key, giving Bob's ID. • Alice checks if the message matches a valid user. If not, the session is aborted. • At this point, both parties are verified to be who they claim to be and safe for the other to communicate with. Lastly, Alice and Bob will create a shared secret key so that they can continue communicating in a secure manner. To verify that mutual authentication has occurred successfully, Burrows-Abadi-Needham logic (BAN logic) is a well regarded and widely accepted method to use, because it verifies that a message came from a trustworthy entity. BAN logic first assumes an entity is not to be trusted, and then will verify its legality. == Defenses ==

Mutual authentication supports zero trust networking because it can protect communications against adversarial attacks, ; Replay attack: : A replay attack is similar to a MITM attack in which older messages are replayed out of context to fool the server. However, this does not work against schemes using mutual authentication because timestamps are a verification factor that are used in the protocols. If the change in time is greater than the maximum allowed time delay, the session will be aborted. When each party authenticates the other, they send each other a certificate that only the other party knows how to unscramble, verifying themselves as a trusted source. In this way, adversaries cannot use impersonation attacks because they do not have the correct certificate to act as if they are the other party. Mutual authentication also ensures information integrity because if the parties are verified to be the correct source, then the information received is reliable as well. == mTLS ==

By default the TLS protocol only proves the identity of the server to the client using X.509 certificates, and the authentication of the client to the server is left to the application layer. TLS also offers client-to-server authentication using client-side X.509 authentication. As it requires provisioning of the certificates to the clients and involves a less user-friendly experience, it is rarely used in end-user applications. Mutual TLS authentication (mTLS) is more often used in business-to-business (B2B) applications, where a limited number of programmatic and homogeneous clients are connecting to specific web services, the operational burden is limited, and security requirements are usually much higher as compared to consumer environments. mTLS is also used in microservices-based applications based on runtimes such as Dapr, via systems like SPIFFE. == Lightweight schemes vs. secured schemes ==

While lightweight schemes and secure schemes are not mutually exclusive, adding a mutual authentication step to data transmissions protocols can often increase performance runtime and computational costs. However, the authentication still occurs through insecure channels, so researchers believe it is still important to ensure mutual authentication occurs in order to keep a secure scheme. Schemes may sacrifice a better runtime or storage cost when ensuring mutual authentication in order to prioritize protecting the sensitive data. == Password-based schemes ==

In mutual authentication schemes that require a user's input password as part of the verification process, there is a higher vulnerability to hackers because the password is human-made rather than a computer-generated certificate. While applications could simply require users to use a computer-generated password, it is inconvenient for people to remember. User-made passwords and the ability to change one's password are important for making an application user-friendly, so many schemes work to accommodate the characteristic. Researchers note that a password based protocol with mutual authentication is important because user identities and passwords are still protected, as the messages are only readable to the two parties involved. However, a negative aspect about password-based authentication is that password tables can take up a lot of memory space. Multi-factor authentication Recently, more schemes have higher level authentication than password based schemes. While password-based authentication is considered as "single-factor authentication," schemes are beginning to implement smart card (two-factor) or biometric-based (three-factor) authentication schemes. Smart cards are simpler to implement and easy for authentication, but still have risks of being tampered with. Biometrics have grown more popular over password-based schemes because it is more difficult to copy or guess session keys when using biometrics, but it can be difficult to encrypt noisy data. Due to these security risks and limitations, schemes can still employ mutual authentication regardless of how many authentication factors are added. == Certificate based schemes and system applications ==

Mutual authentication is often found in schemes employed in the Internet of Things (IoT), where physical objects are incorporated into the Internet and can communicate via IP address. Radio frequency identification (RFID) tags are commonly used for object detection, which many manufacturers are implementing into their warehouse systems for automation. This allows for a faster way to keep up with inventory and track objects. However, keeping track of items in a system with RFID tags that transmit data to a cloud server increases the chances of security risks, as there are now more digital elements to keep track of. Instead of considering all tag readers as one entity, only certain readers can read specific tags. With this method, if a reader is breached, it will not affect the whole system. Individual readers will communicate with specific tags during mutual authentication, which runs in constant time as readers use the same private key for the authentication process. Many e-Healthcare systems that remotely monitor patient health data use wireless body area networks (WBAN) that transmit data through radio frequencies. Fog-cloud computing is a networking system that can handle large amounts of data, but still has limitations regarding computational and memory cost. Mobile edge computing (MEC) is considered to be an improved, more lightweight fog-cloud computing networking system, and can be used for medical technology that also revolves around location-based data. Due to the large physical range required of locational tracking, 5G networks can send data to the edge of the cloud to store data. An application like smart watches that track patient health data can be used to call the nearest hospital if the patient shows a negative change in vitals. Fog node networks can be implemented in car automation, keeping data about the car and its surrounding states secure. By authenticating the fog nodes and the vehicle, vehicular handoff becomes a safe process and the car’s system is safe from hackers. Machine to machine verification Many systems that do not require a human user as part of the system also have protocols that mutually authenticate between parties. In unmanned aerial vehicle (UAV) systems, a platform authentication occurs rather than user authentication. Mutual authentication during vehicle communication prevents one vehicle's system from being breached, which can then affect the whole system negatively. For example, a system of drones can be employed for agriculture work and cargo delivery, but if one drone were to be breached, the whole system has the potential to collapse. == External links ==