Showing papers on "Authentication protocol published in 1985"
Patent•
IBM1
TL;DR: In this paper, the technique of tree authentication is used for offline personal authentication in multi-terminal systems using a secret user PIN, a secret key and other nonsecret data stored on a customer memory card and a nonsecret validation value stored in each terminal connected in a network.
Abstract: A method of offline personal authentication in a multi-terminal system uses a secret user PIN, a secret key and other nonsecret data stored on a customer memory card and a nonsecret validation value stored in each terminal connected in a network. The technique of "tree authentication" is used which employs an authentication tree with an authentication tree function comprising a one-way function. An authentication parameter is calculated as a function of a personal key and a user identifier read from the user's card and the PIN entered by the user. The calculated authentication parameter is mapped to a verification value using the one-way function to the root of the authentication tree. The verification value obtained by mapping the calculated authentication parameter is then compared with a global verification value stored at the terminal. If the comparison is favorable, the system is enabled for the user; otherwise, the user is rejected.
62 citations
22 Apr 1985
TL;DR: The protocol uses an authentication scheme that provides the desired degree of anonymity and authentication and is used to detect active attackers, and to camouflage information that cannot be hidden cryptographically.
Abstract: A problem with conflicting goals of anonymity and authentication is defined and a cryptographic protocol that solves the problem is presented. The protocol uses an authentication scheme that provides the desired degree of anonymity and authentication. Fake transactions are used to detect active attackers, and to camouflage information that cannot be hidden cryptographically.
35 citations
22 Apr 1985
TL;DR: A system which offers an innovative solution to the problem of establishing identities over insecure communications channels through the possession of a personal authentication device and knowledge of a unique PIN number.
Abstract: Passwords have long been used as the most common method for providing user authentication when accessing remote computer systems. However, there are many security problems associated with passwords including their susceptibility to the attacks of eavesdropping, playback, and exhaustive search. This paper describes a system which offers an innovative solution to the problem of establishing identities over insecure communications channels. The system embodies the security concept of a one-time pad because it requires that a different password be used for each access. Through the possession of a personal authentication device (the PassPort) and knowledge of a unique PIN number, an authorized user is able to generate the correct password to be used for each access.
24 citations
18 Aug 1985
TL;DR: A simple model of computation under which to study the meaning of cryptographic protocol and security is developed and back up its contention that the model is reasonable by solving some well known cryptography problems within the framework of the model.
Abstract: We develop a simple model of computation under which to study the meaning of cryptographic protocol and security. We define a protocol as a mathematical object and security as a possible property of this object, Having formalized the concept of a secure protocol we study its general properties. We back up our contention that the model is reasonable by solving some well known cryptography problems within the framework of the model.
20 citations
TL;DR: Girling's strategy for one-time keywords for authentication forwarding is combined with a proxy login mechanism to obtain a reliable method for network authentication that does not depend on the transmission of passwords.
Abstract: This paper proposes a new mechanism for authentication and discretionary access control in networks with decentralized control. Girling's strategy for one-time keywords for authentication forwarding is combined with a proxy login mechanism to obtain a reliable method for network authentication that does not depend on the transmission of passwords. The authentication mechanism is used as the basis for a scheme for network-wide access control lists allowing a user to grant access rights to any other user in a network. These proposals are described in the context of the Digital Network Architecture (DNA), but are in fact applicable to any packet switched network.
18 citations
TL;DR: A technique to allow long password-phrases that makes an exhaustive search impracticable is presented, and a solution to eavesdropping problems using public-key cryptography is proposed.
Abstract: Due to the increasing value of information being stored in computers, it is important that unforgeable user authentication policies are implemented. Existing password authentication schemes, threats and counter-measures are described. A solution to eavesdropping problems using public-key cryptography is proposed. A technique to allow long password-phrases that makes an exhaustive search impracticable is presented.
14 citations
TL;DR: In the last chapter, the authors discussed the data integrity threats and the use of hashing technique to detect if any modification attacks have taken place on the data.
Abstract: In the last chapter, we discussed the data integrity threats and the use of hashing technique to detect if any modification attacks have taken place on the data. Another type of threat that exist for data is the lack of message authentication. In this threat, the user is not sure about the originator of the message. Message authentication can be provided using the cryptographic techniques that use secret keys as done in case of encryption. Message Authentication Code MAC MAC algorithm is a symmetric key cryptographic technique to provide message authentication. For establishing MAC process, the sender and receiver share a symmetric key K. Essentially, a MAC is an encrypted checksum generated on the underlying message that is sent along with a message to ensure message authentication. The process of using MAC for authentication is depicted in the following illustration −