Session keys are a critical component to the operation of different security solutions. Examine the establishment of session keys such that the session key is incomputable and non-spoofable. You may wish to study systems that rely on: a) A shared secret; b) Authenticated public keys (including Diffie-Hellman); c) A single public key; and d)One time passwords (including Lamport's Hash).
To better understand how these methods are used, study their implementation in various protocols/products such as:
? Kerberos V4
? Kerberos V5
? Secure Socket Layer
Show attacks and defenses to these session key establishment protocols at all levels, including one or both of the communicating machines being compromised.