One of Needham and Schroeder's proposed signature authentication protocols is shown to fail when there is a possibility of compromised keys: this invalidates one of the applications of their technique. A more elaborate mechanism is proposed which does not require a network clock, but does require a third party to the transaction. The latter approach is shown to be reliable in a fairly strong sense.
Authentication of signatures using public key encryption
The Latest from CACM
Shape the Future of Computing
ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.
Get InvolvedCommunications of the ACM (CACM) is now a fully Open Access publication.
By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.
Learn More
Join the Discussion (0)
Become a Member or Sign In to Post a Comment