SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Explicit Communication Revisited: Two New Attacks on Authentication Protocols
IEEE Transactions on Software Engineering
Hi-index | 0.00 |
At the Fourth USENIX Security Conference, we presented a paper on SRA Telnet, which was a simple Diffie-Hellman based system to defeat standard password sniffing, without requiring externally validated keys. Since that time, several projects, such as Secure Telnet (stel), have worked to extend this simple Diffie-Hellman model to add data encryption, larger keys, and resistance to man-in-the-middle attack. Other projects, such as SSL and SSH use validated RSA keys for full authentication. This project uses standard PGP keys as the basis of unified authentication, authorization, and encryption, combining both perfect forward secrecy and strong RSA authentication.