Secure communications with an asymptotic secrecy model
Knowledge-Based Systems
SSL/TLS session-aware user authentication - Or how to effectively thwart the man-in-the-middle
Computer Communications
Hi-index | 754.84 |
Exponential key exchange may be used to establish secure communications between two parties who do not share a private key. It fails in the presence of an active wiretap, however. Davies and Price suggest the use of Shamir and Rivest's “Interlock Protocol” to surmount this difficulty. The authors demonstrate that an active attacker can, at the cost of a timeout alarm, bypass the passwork exchange, and capture the passwords used. Furthermore, if the attack is from a terminal or workstation attempting to contact a computer, the attacker will have access before any alarm can be sounded