Showing papers on "Data Authentication Algorithm published in 1989"
01 Oct 1989
TL;DR: Techniques are suggested to construct authentication protocols on a basis of one-way functions rather than encryption algorithms, and it appears that this approach could achieve equally simple and capable protocols.
Abstract: Techniques are suggested to construct authentication protocols on a basis of one-way functions rather than encryption algorithms. This approach is thought of interest for several reasons. It appears that this approach could achieve, at least, equally simple and capable protocols.
95 citations
TL;DR: This work considers two basic versions of the challenge-response authentication protocol, and exhibits both a method of attack and a simple modification preventing such attacks.
Abstract: We consider two basic versions of the challenge-response authentication protocol, and exhibit both a method of attack and a simple modification preventing such attacks. We go on to consider three variants of the basic protocols and show that one of them is completely insecure.
65 citations
Proceedings Article•
01 Jul 1989
TL;DR: The design and implementation of the Kerberos authentication service was motivated by the fact that in a workstation environment, the user often has complete control over the worksta- tion.
Abstract: In a workstation environment, the user often has complete control over the workstation. Workstation operating systems therefore cannot be trusted to accurately identify their users. Some other method of authentication is needed, and this motivated the design and implementation of the Kerberos authentication service.Kerberos is based on the Needham and Schroeder trusted third-party authentication model, using private-key encryption. Each user and network server has a key (like a password) known only to it and the Kerberos database. A database server uses this knowledge to authenticate network entities to one another.The encryption used to achieve this authentication, the protocols currently in use and the protocols proposed for future use are described.
58 citations
04 Dec 1989
TL;DR: The author examines one possible method for determining the authentication strength and conveying this information within a distributed network using a token composed of a unique user ID and an authentication level.
Abstract: Network users may be authenticated by different means and from a variety of locations. Once authenticated, the user's access should be consistent with the strength of the authentication. The author examines one possible method for determining the authentication strength and conveying this information within a distributed network. The approach discussed uses a token composed of a unique user ID and an authentication level. The token is sent along with the request for establishing a remote session. Once the token is received, the remote location determines user access based solely on the authentication token. >
14 citations
TL;DR: The secure communication service element (SCSE) is proposed in the OSI application layer as a new type of common application service element to provide the security services of peer-entity authentication, data confidentiality, and data integrity.
Abstract: Under the increasing demand for secure communications, the existing security techniques cannot fulfil the requirements for security satisfactorily. A number of study items are identified in this area; however, one of the major targets is to realize security services in the open systems interconnection (OSI) communication environment. In response to this need, the secure communication service element (SCSE) is proposed in the OSI application layer as a new type of common application service element to provide the security services of peer-entity authentication, data confidentiality, and data integrity. As for the peer-entity authentication service, the overall authentication protocol between the peer SCSEs is proposed by using the underlying association control service element authentication procedure. Regarding the data integrity and confidentiality, the SCSE transfer service is introduced to cover all the requirements for these services to the extent of the selective field services and the recovery for integrity errors. >
8 citations
06 Feb 1989
TL;DR: A password authentication mechanism based on the public-key distribution cryptosystem is proposed, which uses an authentication table to replace the traditional password file.
Abstract: A password authentication mechanism based on the public-key distribution cryptosystem is proposed. The scheme uses an authentication table to replace the traditional password file. With this scheme, even if the authentication table is comprised, the system security is preserved. The user's password is effectively bound to the user's identification in a timely, efficient, and simple manner. >
3 citations
TL;DR: The Xerox Network Systems architecture includes all of the security features found in today's most popular protocol suites and provides strong authentication at the beginning of each conversation.
Abstract: The Xerox Network Systems (XNS) architecture[1] includes all of the security features found in today's most popular protocol suites. In addition, XNS provides strong authentication at the beginning of each conversation. Authentication is the verification that both entities in a conversation are the ones claimed.[2] The Authentication Protocol[3] provides authentication in such a way that no passwords are ever transmitted on the network.
1 citations
Journal Article•
TL;DR: The first aim of this paper is to situate the call for integrity and authentication algorithms within research on cryptography and within evolution of telecommunication.
Abstract: The first aim of this paper is to situate the call for integrity and authentication algorithms within research on cryptography and within evolution of telecommunication. Motivations for submitting primitives and details on the submission process are also given.