S. Yamaguchi, K. Okayama, and H. Miyahara. Design and implementation of an authentication system in WIDE Internet environment. In Proc. 10th IEEE Region Conf. on Computer and Communication Systems, 1990.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....b and the nonce N a , so we remove the former. This gives us the following protocol: Message 1: A B : A; fN a ; B; X a ; fY a gK b g K Gamma1 a Message 2: B A : B; fN b ; A; N a ; X b ; fY b gKa g K Gamma1 b Message 3: A B : A; fB; N b g K Gamma1 a . 5 The SPLICE AS Protocol In [YOM90], the following protocol was suggested, which aims to provide each of A and B with the other s public key, and to establish mutual authentication: Message 1: A S : A; B; N a Message 2: S A : S; fS; A; N a ; K b g K Gamma1 s Message 3: A B : A; B; fA; T a ; L; fN 0 a gK b g K ....

S. Yamaguchi, K. Okayama, and H. Miyahara. Design and implementation of an authentication system in WIDE Internet environment. In Proc. 10th IEEE Region Conf. on Computer and Communication Systems, 1990.

....encryption mechanism which are in wide use are not suitable for this algorithm. Descriptions of protocols should be complete: they should give the necessary properties of the encryption mechanism. We discuss this further in Section 2. Hwang and Chen examined the SPLICE AS authentication protocol [6] and found two attacks [2] Again they describe a modification to the protocol. Unfortunately, the protocol is still flawed, and the flaw is independent of the encryption mechanism. We discuss this in Section 3. The notation we use for describing protocols is that which is standard in the ....

S. Yamaguchi, K. Okayama, and H. Miyahara. Design and Implementation of an Authentication System in WIDE Internet Environment. In Proceedings of the 10th Regional Conference on Computers and Communication Systems, 1990.

.... example: the attack on the BAN version of the Yahalom protocol [BAN89] described by Syverson in [Syv94] and my attack on the Woo and Lam mutual authentication protocol [WL94] in [Low96c] Other attacks are due to more blatant errors; for example, Hwang and Chen s attack on the SPLICE protocol [YOM90] in [HC95] which exploits the fact that key delivery messages (from a key server) do not include the identity of the agent whose key is being delivered. Closely related to the notion of aliveness is the case where, when A completes a run of the protocol, apparently with B, then B has previously ....

S. Yamaguchi, K. Okayama, and H. Miyahara. Design and implementation of an authentication system in WIDE Internet environment. In Proc. 10th IEEE Region Conf. on Computer and Communication Systems, 1990.

....public key at the key server. Protocols for public key distribution have appeared in the literature several times, sometimes flawed and sometimes unflawed. For example, the public key distribution protocols of Needham and Schroeder [NS78] Meyer and Matyas [MM82, Fig. 11 32] and Yamaguchi, et al. [YOM90] have known flaws (and do not satisfy our definition of a secure RRP, given below) Denning and Sacco s public key distribution protocol [DS81, x III.A] has no known flaws, but makes use of timestamps and thereby depends on synchronized clocks. Reasoning about timestamp based protocols within the ....

Suguru Yamaguchi, Kiyohiko Okayama, and Hideo Miyahara. Design and implementation of an authentication system in WIDE internet environment. In Proceedings of the IEEE Region 10 Conference on Computer and Communication Systems, pages 653--657, Hong Kong, September 1990.

....can be accomplished by deleting or updating the principal s key at the key server. Protocols for public key distribution have appeared in the literature several times, sometimes flawed and sometimes unflawed. For example, the public key distribution protocols of [15] 14, Fig. 11 32] and [22] have known flaws (and do not satisfy our definition of a secure RRP, given below) Denning and Sacco s public key distribution protocol [7, x III.A] has no known flaws, but makes use of timestamps and thereby depends on synchronized clocks. Reasoning about timestamp based protocols within the ....

S. Yamaguchi, K. Okayama, and H. Miyahara. Design and implementation of an authentication system in WIDE internet environment. In Proceedings of the IEEE Region 10 Conference on Computer and Communication Systems, pages 653--657, Hong Kong, Sept. 1990.

....to tell who is the intended recipient of the encrypted components. Similar flaws have been the cause of numerous attacks on other protocols, for example: the attack on the CCITT X. 509 in [6] the attack on the Denning Sacco protocol [9] reported in [1, 2] two attacks on the SPLICE protocol [31] reported in [12] and [7] and the attack on the Needham Schroeder Public Key Protocol [20, 6] in [16, 17] This is also the cause of the original attack on the Neumann Stubblebine protocol [21] presented in [13] which is also an attack on KSL. These weaknesses represent violations of principle 3 ....

S. Yamaguchi, K. Okayama, and H. Miyahara. Design and implementation of an authentication system in WIDE Internet environment. In Proc. 10th IEEE Region Conf. on Computer and Communication Systems, 1990.

....to tell who is the intended recipient of the encrypted components. Similar flaws have been the cause of numerous attacks on other protocols, for example: the attack on the CCITT X. 509 in [7] the attack on the Denning Sacco protocol [10] reported in [1, 2] two attacks on the SPLICE protocol [33] reported in [13] and [8] and the attack on the NeedhamSchroeder Public Key Protocol [22, 7] in [18, 19] This is also the cause of the original attack on the Neumann Stubblebine protocol [23] presented in [14] which is also an attack on KSL. These weaknesses represent violations of principle 3 ....

S. Yamaguchi, K. Okayama, and H. Miyahara. Design and implementation of an authentication system in WIDE Internet environment. In Proc. 10th IEEE Region Conf. on Computer and Communication Systems, 1990.

.... attacks an agent A by using a second run of a protocol with the same agent A, so as to use the second run as an oracle; for example the attack on the BAN version of the Yahalom protocol [3] in [24] Other attacks are due to more blatant errors; for example, the attack on the SPLICE protocol [25] in [9] which exploits the fact that key delivery messages (from a key server) do not include the identity of the agent whose key is being delivered. Closely related to the notion of aliveness is the case where, when A completes a run of the protocol, apparently with B, then B has previously been ....

S. Yamaguchi, K. Okayama, and H. Miyahara. Design and implementation of an authentication system in WIDE Internet environment. In Proc. 10th IEEE Region Conf. on Computer and Communication Systems, 1990.

....We also propose a new protocol. Keywords: Authentication Protocols; Cryptography; Distributed Systems; Encryption decryption; Key Distribution; Security in Digital Systems; 1 Background Yamaguchi, et al. describe an authentication mechanism for large scale distributed systems called SPLICE AS [7]. Central to their design is a protocol for distributing public keys and authenticating principals (viz, clients and servers) The protocol Supported by grant HKUST 608 94E from the Hong Kong Research Grants Council. can be divided into two parts the key distribution part and the ....

Suguru Yamaguchi, Kiyohiko Okayama, and Hideo Miyahara. Design and implementation of an authentication system in WIDE internet environment. In Proceedings of the IEEE Region 10 Conference on Computer and Communication Systems, pages 653--657, Hong Kong, September 1990.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC