Title :
An attack on the Interlock Protocol when used for authentication
Author :
Bellovin, Steven M. ; Merritt, Michael
Author_Institution :
AT&T Bell Labs., Murray Hill, NJ, USA
fDate :
1/1/1994 12:00:00 AM
Abstract :
Exponential key exchange may be used to establish secure communications between two parties who do not share a private key. It fails in the presence of an active wiretap, however. Davies and Price suggest the use of Shamir and Rivest´s “Interlock Protocol” to surmount this difficulty. The authors demonstrate that an active attacker can, at the cost of a timeout alarm, bypass the passwork exchange, and capture the passwords used. Furthermore, if the attack is from a terminal or workstation attempting to contact a computer, the attacker will have access before any alarm can be sounded
Keywords :
cryptography; protocols; public key cryptography; Interlock Protocol; active wiretap; authentication; exponential key exchange; passwork exchange bypass; public key cryptosystem; timeout alarm; Authentication; Computer science; Decoding; Lattices; Linear code; Notice of Violation; Protocols; Public key cryptography; Security; Vectors;
Journal_Title :
Information Theory, IEEE Transactions on
