Hi folks, Ed Amorosa here.

What I want to do in this video,

is I want to take you through the basics of the authentication

protocol between Alice and Bob, where Alice is the client, Bob is the server.

Alice is reporting her identity to Bob and Bob is going to try to authenticate.

Fair enough?

So that's what we're going to do.

The first step in every authentication involves

Alice reporting an identity to Bob.

It's called the identification step.

A lot of times, we just say it's like hi, Bob, I'm Alice.

And it might be reporting a user ID, an email, a mobile number, whatever it is.

And we've said previously, whether that identifier is secret or

not is kind of contextual.

It may or may not be a secret.

Probably not, but it could be.

So let's assume that first step I say, hi, I'm Alice.

In the second step, Bob then goes back to Alice with a challenge.

So step two is this challenge step where Bob says,

hey, all right, prove it please, tell me who are you, prove it.

You say you're Alice, I need to validate that, so provide some proof and

that challenge step is so fundamental to the whole concept of authentication.

Because that's what we're doing here, we're asking you to validate, so

that's the second step.

The third step are unusual, rather than sort of providing the answer in step

three, we're going to call out a computation step,

where you actually creating or deriving or doing something to establish the proof.

Now, it could be a simple as you looking up your password in your brain, but

it could be something more, there could be some puzzle that you're doing,

there could be some operation you have to do.

Again, you're being challenged and now you're computing the response.

And again, it could be as simple as just looking up your password.

So that's the third step.

Fourth step is the response, that's where I provide back.

Alice provides to Bob the response, the proof.

You said prove it, I looked it up at this computation, and

now I'm going to supply it back to you.

Now Steps two and four have a very special relationship because it's a challenge and

it's a response.

And a lot of times, we refer to an authentication as a challenge-response

activity, the kind of foundational nature of those two steps.

So that's step four.