Definitions[edit | edit source]

An authentication protocol is

[a] well specified message exchange process that verifies possession of a token to remotely authenticate a claimant. Some authentication protocols also generate cryptographic keys that are used to protect an entire session, so that the data transferred in the session is cryptographically protected.[1]
[a] defined sequence of messages between a Claimant and a Verifier that demonstrates that the Claimant has possession and control of a valid token to establish his/her identity, and optionally, demonstrates to the Claimant that he or she is communicating with the intended Verifier.[2]

References[edit | edit source]

Community content is available under CC-BY-SA unless otherwise noted.