Definitions[]
An authentication protocol is
“ | [a] well specified message exchange process that verifies possession of a token to remotely authenticate a claimant. Some authentication protocols also generate cryptographic keys that are used to protect an entire session, so that the data transferred in the session is cryptographically protected.[1] | ” |
“ | [a] defined sequence of messages between a Claimant and a Verifier that demonstrates that the Claimant has possession and control of a valid token to establish his/her identity, and optionally, demonstrates to the Claimant that he or she is communicating with the intended Verifier.[2] | ” |
References[]
- ↑ NIST Special Publication 800-63, at 4.
- ↑ CNSSI 4009, at 9.