A user authentication scheme not requiring secrecy in the computer

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

A user authentication scheme not requiring secrecy in the computer

Full text

Pdf (592 KB)

Source

Communications of the ACM archive
Volume 17 , Issue 8 (August 1974) table of contents

Pages: 437 - 442

Year of Publication: 1974

ISSN:0001-0782

Authors

Arthur Evans, Jr.	M.I.T. Lincoln Lab, Lexington, MA
William Kantrowitz	M.I.T. Lincoln Lab, Lexington, MA
Edwin Weiss	Boston Univ., Boston, MA

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 8, Downloads (12 Months): 73, Citation Count: 25

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/361082.361087 What is a DOI?

ABSTRACT

In many computer operating systems a user authenticates himself by entering a secret password known solely to himself and the system. The system compares this password with one recorded in a Password Table which is available to only the authentication program. The integrity of the system depends on keeping the table secret. In this paper a password scheme is presented which does not require secrecy in the computer. All aspects of the system, including all relevant code and data bases, may be known by anyone attempting to intrude. The scheme is based on using a function H which the would-be intruder is unable to invert. This function is applied to the user's password and the result compared to a table entry, a match being interpreted as authentication of the user. The intruder may know all about H and have access to the table, but he can penetrate the system only if he can invert H to determine an input that produces a given output. This paper discusses issues surrounding selection of a suitable H. Two different plausible arguments are given that penetration would be exceedingly difficult, and it is then argued that more rigorous results are unlikely. Finally, some human engineering problems relating to the scheme are discussed.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Feistel, Horst. Cryptographic coding tbr data-bank privacy. Res. Rept. RC-2827. T. J. Watson Res. Lab., IBM, 1970.
	2	Feistel, Horst. Cryptography and computer privacy. Scientific American 228 (May 1973), 15-23.
	3	Kahn, David. The Code Breakers. Macmillan, New York, 1967.
	4	Donald E. Knuth, The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1997
	5	Purdy, George. Security code. U. of Illinois, Center for Advanced Computation, 1973.
	6	Shannon, Claude E. Communication theory of secrecy systems. Bell System Technical J. 28 (1949), 656-715.
	7	J. L. Smith , W. A. Notz , P. R. Osseck, An experimental application of cryptography to a remotely accessed data system, Proceedings of the ACM annual conference, August 01-01, 1972, Boston, Massachusetts, United States [doi>10.1145/800193.569930]
	8	M. V. Wilkes, Time Sharing Computer Systems, Elsevier Science Inc., New York, NY, 1975

CITED BY 25

	Dorothy E. Denning , Peter J. Denning, Data Security, ACM Computing Surveys (CSUR), v.11 n.3, p.227-249, Sept. 1979
	C. Leung, Some Open Problems In Cryptography, Proceedings of the 1978 annual conference, p.471-475, December 04-06, 1978, Washington, D.C., United States
	Robert P. Trueblood , H. Rex Hartson , Johannes J. Martin, MULTISAFE—a modular multiprocessing approach to secure database management, ACM Transactions on Database Systems (TODS), v.8 n.3, p.382-409, Sept. 1983
	Gregory R. Andrews, Partitions and principles for secure operating systems, Proceedings of the 1975 annual conference, p.177-180, January 1975
	Leslie Lamport, Password authentication with insecure communication, Communications of the ACM, v.24 n.11, p.770-772, Nov. 1981
	R. S. Sandhu, On some cryptographic solutions for access control in a tree hierarchy, Proceedings of the 1987 Fall Joint Computer Conference on Exploring technology: today and tomorrow, p.405-410, December 1987, Dallas, Texas, United States
	Chun-I Fan , Chin-Laung Lei, An unlinkably divisible and intention attachable ticket scheme for runoff elections, Journal of Network and Computer Applications, v.25 n.2, p.93-107, April 2002
	Jason Gait, Easy entry: the password encryption problem, ACM SIGOPS Operating Systems Review, v.12 n.3, p.54-60, July 1978
	H. Rex Hartson , David K. Hsiao, Full protection specifications in the semantic model for database protection languages, Proceedings of the annual conference, p.90-95, October 20-22, 1976, Houston, Texas, United States
	C. H. Meyer , S. M. Matyas, Some cryptographic principles of authentication in electronic funds transfer systems, ACM SIGCOMM Computer Communication Review, v.11 n.4, p.73-88, October 1981
	Andrew S. Tanenbaum , Robbert van Renesse , Hans van Staveren , Gregory J. Sharp , Sape J. Mullender, Experiences with the Amoeba distributed operating system, Communications of the ACM, v.33 n.12, p.46-63, Dec. 1990
	Gustavus J. Simmons, Symmetric and Asymmetric Encryption, ACM Computing Surveys (CSUR), v.11 n.4, p.305-330, Dec. 1979
	Gerald J. Popek , Charles S. Kline, Encryption and Secure Computer Networks, ACM Computing Surveys (CSUR), v.11 n.4, p.331-356, Dec. 1979
	Kamaljit Singh, On improvements to password security, ACM SIGOPS Operating Systems Review, v.19 n.1, p.53-60, January 1985
	V L Chung , C S McDonald, The development of a distributed capability system for VLOS, Australian Computer Science Communications, v.24 n.3, p.57-64, January-February 2002
	David Lipton, Logical authentication method, ACM SIGSAC Review, v.4 n.2, p.9-20, Spring 1986
	I-En Liao , Cheng-Chi Lee , Min-Shiang Hwang, A password authentication scheme over insecure networks, Journal of Computer and System Sciences, v.72 n.4, p.727-740, June 2006
	Ting-Fang Cheng , Jung-San Lee , Chin-Chen Chang, Security enhancement of an IC-card-based remote login mechanism, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.9, p.2280-2287, June, 2007
	Marc Joye , Sung-Ming Yen, ID-based secret-key cryptography, ACM SIGOPS Operating Systems Review, v.32 n.4, p.33-39, Oct. 1998
	Norman R. Nielsen, Computers, security, and the audit function, Proceedings of the May 19-22, 1975, national computer conference and exposition, May 19-22, 1975, Anaheim, California
	Tzung-Her Chen , Gwoboa Horng , Chuan-Sheng Yang, Public Key Authentication Schemes for Local Area Networks, Informatica, v.19 n.1, p.3-16, January 2008
	Charles R. Young, A security policy for a profile-oriented operating system, Proceedings of the May 4-7, 1981, national computer conference, May 04-07, 1981, Chicago, Illinois
	Helen M. Wood, The use of passwords for controlling access to remote computer systems and services, Proceedings of the June 13-16, 1977, national computer conference, June 13-16, 1977, Dallas, Texas
	Whitfield Diffie , Martin E. Hellman, Multiuser cryptographic techniques, Proceedings of the June 7-10, 1976, national computer conference and exposition, June 07-10, 1976, New York, New York
	Iuon-Chang Lin , Chin-Chen Chang, A countable and time-bound password-based user authentication scheme for the applications of electronic commerce, Information Sciences: an International Journal, v.179 n.9, p.1269-1277, April, 2009