Entity Authentication


Entity Authentication is the Authentication of an entity

Some Definitions#

Entity Authentication is defined in the ISO Security Architecture as: 'the corroboration that an entity is the one claimed'

Handbook of Applied Cryptography[1] has definition is given as: "Entity Authentication is the process whereby one party is assured (through acquisition of corroborative evidence) of the identity of a second party involved in a protocol, and that the second has actually participated (i.e., is active at, or immediately prior to, the time the evidence is acquired)."

Entity Authentication contrasted to Message Authentication [1]#

A major difference between entity authentication and message authentication (as provided by digital signatures or MACs) is that message authentication itself provides no timeliness guarantees with respect to when a message was created, whereas entity authentication involves corroboration of a claimant’s identity through actual communications with an associated verifier during execution of the protocol itself (i.e., in real-time, while the verifying entity awaits).

Conversely, entity authentication typically involves no meaningful message other than the claim of being a particular entity, whereas Message Authentication does.

More Information#

There might be more information for this subject on one of the following: