What is mutual authentication? | Two-way authentication

What is mutual authentication?

Mutual authentication is when two sides of a communications channel verify each other's identity, instead of only one side verifying the other. Mutual authentication is also known as "two-way authentication" because the process goes in both directions.

When someone uses a rideshare app, they usually check the license plate or the description of the vehicle to make sure they are getting into the right car. Once they get in, the driver asks the passenger for their name to confirm they are picking up the right person. The passenger and driver each check that they are interacting with the intended person — so that the driver is providing the correct service, the passenger is in a car going to their destination, and both can confirm they are with someone who has been verified by the rideshare app.

Similarly, mutual authentication verifies both parties in a digital communications channel. For example, a client and a server using mutual authentication take steps to independently verify each other's identity, instead of only the client authenticating the server. Device-to-device connections, like those between Internet of Things (IoT) devices, often use mutual authentication as well.

Mutual authentication is most commonly associated with the Transport Layer Security (TLS) protocol, but it can be used by other protocols and in other contexts too. Learn about mutual TLS.

How does mutual authentication work?

There are three main methods for mutually authenticating the ends of a communications channel:

1. Public key authentication: This method relies on public key encryption. Encryption is the process of scrambling data by use of a key. Public key encryption uses two keys instead of one — a public key and a private key. Data encrypted with the public key is decrypted with the private key, and data encrypted with the private key is decrypted with the public key.

In public key mutual authentication, both sides of the communication advertise a public key, and both have to prove they possess the private key that accompanies their public key — like someone showing a government-issued ID card to verify their name. Each side sends a snippet of data called a "signature" and encrypts that signature with their private key, and the other side decrypts the signature using the public key. If the signature can be decrypted correctly with the public key, then the correct private key was used, and the party that sent the signature is legitimate.

2. Certificate authentication: This approach is similar to public key authentication, except instead of just a public key, both parties have a public key certificate. The certificate contains additional information that helps verify the parties’ identities — including who issued the certificate and public key, whom the certificate applies to, when the certificate expires, and so on. TLS certificates can be used for this type of mutual authentication if both sides have one.

3. Username and password: Despite the name, this method of mutual authentication still uses a certificate on the server side. The server presents a certificate to the client, which verifies the certificate. On the client side, it is just like typical username/password authentication: the client sends its username and password combination to the server, which verifies the credentials.

When is mutual authentication used?

One-way authentication happens all the time on the Internet. Every time someone loads a website that uses HTTPS, their device authenticates the identity of the web server by checking the server's TLS certificate. Another example would be a person signing in to their account on an application — in this case, the application is authenticating the person.

While mutual authentication eliminates some security flaws and makes some types of attacks far more difficult to carry out, it adds more time and computing power to the exchange of information. It also requires some advance setup — both sides of the communication need a set of credentials, a public-private key pair, or a public key certificate (depending on the kind of authentication in use). This makes mutual authentication difficult to implement for the average user, and this is why mutual authentication is not normally a part of TLS when someone is using a web application.

The main use cases for mutual authentication include:

• IoT: Most IoT devices need to connect to a remote server in order to function properly. They may need to connect to other IoT devices as well. IoT devices have to do so over an unsecured network (the Internet). Mutual authentication helps ensure that the data they receive is accurate and from a legitimate source, reducing the chances that an attacker has compromised their connections.
• API security: Authentication ensures that API requests come from a legitimate source. Mutual authentication is one way to make sure that an API is not accepting requests from attackers, and that an API user is not accepting spoofed API responses.
• Zero Trust security: "Zero Trust" is a philosophy that assumes any user or device could present a threat. By requiring both sides of a connection to authenticate, mutual authentication ensures only legitimate users are connected to the network, server, or application. Conversely, users can be sure they have connected to the correct network, server, or application.

What kinds of attacks does mutual authentication help stop?

On-path attacks: In an on-path attack, an attacker is in the middle of a connection between two parties. The attacker intercepts communications in both directions and impersonates the two ends of the conversation to each other. Mutual authentication helps stop this type of attack because the attacker will not be able to authenticate to both ends of the communication.

Spoofing and impersonation: Attackers use these attacks to trick a server or a user into thinking they are a known and trusted party. An attacker could spoof a web server to a user, or vice versa. Such attacks are far more difficult when both sides have to authenticate.

Credential theft: Some forms of mutual authentication are password-based, and these could still be subject to credential theft (when an attacker steals a legitimate user's password). However, since mutual authentication is usually public key based, credential theft is not possible because there are no credentials to steal. This can stop phishing attacks from having an effect.

What protocols support mutual authentication?

These networking protocols either have mutual authentication built in or offer the option to use it:

Secure Shell Protocol (SSH): SSH is a tunneling protocl for securely connecting to a remote server or device. SSH can use either public key authentication or certificate authentication. In other words, it is possible to mutually authenticate in SSH with either a public key or with a public key certificate.

TLS: While TLS does not mutually authenticate both ends of a connection by default, it can be used for this purpose. Mutual TLS (mTLS) is one of the most commonly applied types of mutual authentication. In mTLS, both sides of a connection have a TLS certificate. mTLS is commonly used for API security, IoT security, and Zero Trust security applications.

Does Cloudflare offer mutual authentication?

Mutual authentication is core to several of the Zero Trust security solutions that Cloudflare offers. Cloudflare for Teams, a Zero Trust solution suite for application access control and Internet browsing, offers mTLS for verifying users and devices. Cloudflare API Shield supports mTLS for API authentication and security.