Password authentication using public-key cryptography. (English) Zbl 0685.68030

Summary: Password authentication is one of the most common and elementary applications of encryption techniques, and when these authentication services are embedded into the underlying operating system, their security is usually assured. However, there are an increasing number of systems requiring authentication services which are layered on top of a host operating system. In these cases the security of the application system is highly dependent on the security of the password file, and, when operating outside the host operating system, compromises of the password file need to be taken seriously. We propose three different password protection schemes which preserve system security even if the password file is compromised. These schemes are based on the concepts of public-key cryptography: public-key encryption, public-key distribution and quadratic residues. In each scheme the user’s password is effectively bound to the user’s identification, regardless of the state of the password file, in a time-efficient and simple manner. We discuss the special features, degrees of secrecy, advantages and disadvantages for each scheme.

MSC:

68N25 Theory of operating systems
94A60 Cryptography
