An Attack on the Interlock Protocol When Used for Authentication
Exponential key exchange may be used to establish secure communications between two parties who do not share a private key. It fails in the presence of an active wiretap, however. Davies and Price suggest the use of Shamir and Rivest's "Interlock Protocol" to surmount this difficulty. The authors demonstrate that an active attacker can, at the cost of a timeout alarm, bypass the passwork exchange, and capture the passwords used. Furthermore, if the attack is from a terminal or workstation attempting to contact a computer, the attacker will have access before any alarm can be sounded.
- interlock.pdf application/pdf 111 KB Download File
Also Published In
More About This Work
- Academic Units
- Computer Science
- Published Here
- June 28, 2010
IEEE Transactions on Information Theory, vol. 40, no. 1 (January 1994), pp. 273-275.