Authentication is the process of verifying an asserted identity. Mutual authentication protocols provide for verification of the identities asserted by both sides of a network connection, causing the connection to fail if either side fails the authentication test.
Authentication is the process of verifying an asserted identity. In network terms, the party requesting a connection and the party granting the connection can potentially assert identities. The connection is said to be mutually authenticated when a) the identities of both sides are validated; b) the connection fails if either validation fails.
Single, or one-way authentication
A common example is a connection from a web browser to a banking web site. The user must have assurance that the web site is authentic before entering ID and password credentials. The https protocol compares the URL in the browser to the Common Name or Subject Alternative name in the bank's X.509 certificate. This assures the user that the bank's web site is authentic. However, the user typically is not required to use an X.509 certificate to sign on. Instead, they enter their credentials over the encrypted connection that was established during the HTTPS session setup.
Mutual authentication
A common example of mutual authentication is an employer's VPN that authenticates both the employer and the employee using X.509 certificates. In this example, the employer's VPN server presents its certificate details during the initial handshake so the client can authenticate them. Once this is complete, the client presents its certificate details to the server for verification. When both sides have - mutually - authenticated each other, the connection is complete.
