Leslie Lamport, Password Authentication with Insecure Communication, Communications of the ACM, vol. 24(11), 1981, pp. 770-772.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....efficient hash tree authentication mechanism. Authenticating a sequence of values efficiently is an important primitive used in many security protocols. One way hash chains are predominantly used for this purpose. One of the first uses of one way hash chains was for one time passwords by Lamport [24], which Haller later used to design the S KEY one time password system [15] To motivate why we use a tree structure instead of a one way hash chain to authenticate values, we briefly describe the drawbacks of a one way chain. 1) One way Hash Chain: Consider the chain of length w with the values C ....

Leslie Lamport. Password Authentication with Insecure Communication. Communications of the ACM, 24(11):770--772, November 1981.

....literature of one way functions. Common examples include message digesting functions like SHA 1 or MD5 [106] It is straightforward to design an authentication mechanism based upon one way functions. A password authentication scheme based on one way functions was first proposed by Leslie Lamport [59], and popularized by the S Key password system [42] Migrate does not authenticate the end hosts (the applications should) however, so a password is unnecessary. Instead, Migrate uses an anonymous form of Lamport s scheme. As with Diffie Hellman, our one way function based approach remains ....

Leslie Lamport. Password authentication with insecure communication. Communications of the ACM, 24(11):770--772, November 1981.

....in Section 4. In Section 5, we analyze the performance of our protocol, and show several possible optimizations for its real deployment in Section 6. Finally, we discuss related work in Section 7, and present our conclusions in Section 8. 2 Background LHAP makes use of one way key chains [17] for traffic authentication and TESLA [26, 25] for bootstrapping trust. We briefly review these techniques in this section. One way Hash Chains Since its first use by Lamport [17] for one time passwords, one way key chains have been widely used in cryptography. A one way key chain is a chain of ....

....work in Section 7, and present our conclusions in Section 8. 2 Background LHAP makes use of one way key chains [17] for traffic authentication and TESLA [26, 25] for bootstrapping trust. We briefly review these techniques in this section. One way Hash Chains Since its first use by Lamport [17] for one time passwords, one way key chains have been widely used in cryptography. A one way key chain is a chain of keys generated through repeatedly applying a one way hash function on a random number. For instance, if a node wants to generate a key chain of size N , it first randomly chooses a ....

Leslie Lamport, Password authentication with insecure communication communication. Communications of the ACM, 24(11):770-772, Nov., 1981.

....to pay something, but not what he wanted to pay for. Several applications of this idea are known: In the early 80 s, Winternitz suggested that chains of coupons can be used to implement efficient one time signatures [10] In 1981, Lamport applied the idea to the problem of dynamic passwords [11] and most recently Pedersen applied the Winternitz idea to micro payments [7] as mentioned above the scheme is part of the CAFE payment system. Independent from our work two other groups came up with very similar schemes [12, 13] Our proposal is very similar to Pedersen, but it provides the ....

Leslie Lamport. Password authentication with insecure communication. Communications of the ACM, 24(11):770--772, November 1981.

....Note that although server supported signatures use a signature scheme that is asymmetric with respect to signature generation and verification, ordinary users are never required to generate signatures; thus, both sender and recipient are assumed to be computationally weak. In his well known paper [6], Lamport proposed using hash chains for password authentication over insecure networks. There had been other, earlier proposals to use one way hash functions to construct signatures. Merkle has presented an overview of these efforts [7] The original proposals in this category were impractical: a ....

Leslie Lamport. Password authentication with insecure communication. Communications of the ACM, 24(11):770--772, November 1981.

....The traditional password approach is unacceptable, since a network snoop can record the password and will then be able to falsely authenticate as the user at will. Zero knowledge schemes such as Fiat Shamir [3] require trusted hardware which can be stolen or compromised. One time passwords [5] are just that good for only a single authentication; pads of such passwords are vulnerable to theft and still require a large ratio of key material to authentication. An alternative is a challenge response protocol in which the user and computer have a shared secret that the user can use to ....

Leslie Lainport. Password authentication with insecure communication. Communications of the ACM, 24(11), November 1981.

No context found.

Leslie Lamport, Password Authentication with Insecure Communication, Communications of the ACM, vol. 24(11), 1981, pp. 770-772.

No context found.

Leslie Lamport, "Password Authentication with Insecure Communication", Communications of the ACM 24.11 (November 1981), 770-772

No context found.

Leslie Lamport. Password authentication with insecure communication. Communications of the ACM, 24(11):770--772, November 1981.

No context found.

Leslie Lamport. Password authentication with insecure communication. Communications of the ACM, 24(11):770--772, 1981.

No context found.

Leslie Lamport. Password Authentication with Insecure Communication. Communications of the ACM, 24(11):770-- 772, November 1981.

No context found.

Leslie Lamport, "Password Authentication with Insecure Communication", Communications of the ACM 24.11 (November 1981), 770-772

No context found.

Leslie Lamport. Password authentication with insecure communication. Communications of the ACM, 24(11):770--772, 1981.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC