Mutual Authentication

Why Trust Techopedia

What Does Mutual Authentication Mean?

Mutual authentication is a security process in which both client and server authenticate each other's identities before actual communication occurs.

Advertisements

This authentication process is common in web-based and online applications. This is to ensure that clients are communicating exclusively with legitimate entities or servers and so the servers can be certain that the client attempting access has a legitimate purpose.

Mutual authentication is also known as website-to-user authentication and two-way authentication.

Techopedia Explains Mutual Authentication

Mutual authentication requires that both the server and the client prove their respective identities to each other before performing any communication-related functions.

The identities can be proven using trusted third parties and by using shared secrets or through cryptographic methods like a public key infrastructure.

So in a web-based mutual authentication process, communication can occur only if the client and the server trust each other’s digital certificates. The certificate exchange is done through Transport Layer Security (TLS) protocol.

The core essence of this process is that neither party trusts the other until identities are proven. This simply means that the server must be sure of who the client is and the client must be sure of the server.

This prevents security from being compromised through simple attacks like impersonation.

Advertisements

Related Terms

Margaret Rouse
Editor

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…