Abstract
Purchase PDF (404 K)
E-mail Article
Add to my Quick Links
Cited By in Scopus (0)
Purchase PDF (261 K)
doi:10.1016/S0020-0190(97)00072-0 
Copyright © 1997 Published by Elsevier Science B.V.
On the Clark-Jacob version of SPLICE/AS
James W. Gray, III 
, 1
Received 7 May 1996;
References and further reading may be available for this article. To view references and further reading you must purchase this article.
Abstract
SPLICE/AS is an authentication system for large-scale distributed systems. Two distinct flaws have been discovered in SPLICE/AS — the most recent by Clark and Jacob. In addition to pointing out the flaw, Clark and Jacob propose a modification. We show the Clark-Jacob version is still flawed by describing an attack that can be carried out under certain assumptions. We argue that the underlying reason for the flaw is that the Clark-Jacob version and its predecessors are not using the appropriate cryptographic tool (namely a digital signature) for authentication. We also propose a new protocol.
Author Keywords: Authentication protocols; Cryptography; Distributed systems; Encryption/decryption; Key distribution; Security in digital systems
