Title :
Explicit communication revisited: two new attacks on authentication protocols
Author_Institution :
Syst. Res. Center, Digital Equipment Corp., Palo Alto, CA, USA
fDate :
3/1/1997 12:00:00 AM
Abstract :
SSH and AKA are recent, practical protocols for secure connections over an otherwise unprotected network. The paper shows that, despite the use of public-key cryptography, SSH and AKA do not provide authentication as intended. The flaws of SSH and AKA can be viewed as the result of their disregarding a basic principle for the design of sound authentication protocols: the principle that messages should be explicit
Keywords :
computer networks; message authentication; protocols; public key cryptography; software engineering; AKA protocol; SSH protocol; authentication protocols; explicit communication; explicit messages; public key cryptography; secure connections; sound authentication protocol design; unprotected network; Authentication; Cryptographic protocols; Displays; Internet; Knowledge based systems; Protection; Public key; Public key cryptography; Terminology; Web server;
Journal_Title :
Software Engineering, IEEE Transactions on
