An attack on the Interlock Protocol when used for authentication

1 January 1994

journal article
Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Information Theory

Vol. 40 (1), 273-275
https://doi.org/10.1109/18.272497

Abstract

Exponential key exchange may be used to establish secure communications between two parties who do not share a private key. It fails in the presence of an active wiretap, however. Davies and Price suggest the use of Shamir and Rivest's “Interlock Protocol” to surmount this difficulty. The authors demonstrate that an active attacker can, at the cost of a timeout alarm, bypass the passwork exchange, and capture the passwords used. Furthermore, if the attack is from a terminal or workstation attempting to contact a computer, the attacker will have access before any alarm can be sounded

Keywords

This publication has 9 references indexed in Scilit:

Enhanced McCullagh-Barreto identity-based key exchange protocols with master key forward security
International Journal of Security and Networks, 2010
Encrypted key exchange: password-based protocols secure against dictionary attacks
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
Computation of discrete logarithms in prime fields
Designs, Codes and Cryptography, 1991
Protocol failures in cryptosystems
Proceedings of the IEEE, 1988
TheUNIXSystem: UNIXOperating System Security
AT&T Bell Laboratories Technical Journal, 1984
How to expose an eavesdropper
Communications of the ACM, 1984
Protocols for Data Security
Computer, 1983
Password security
Communications of the ACM, 1979
New directions in cryptography
IEEE Transactions on Information Theory, 1976

Cited by 25 articles