Showing papers on "Encryption published in 1977"

Special Feature Exhaustive Cryptanalysis of the NBS Data Encryption Standard

Abstract: For centuries, cryptography has been a valuable asset of the military and diplomatic communities. Indeed, it is so valuable that its practice has usually been shrouded in secrecy and mystery.

Non-discretionary access control for decentralized computing systems

Abstract: This thesis examines the issues relating to non-discretionary access controls for decentralized computing systems. Decentralization changes the basic character of a computing system from a set of processes referencing a data base to a set of processes sending and receiving messages. Because messages must be acknowledged, operations that were read-only in a centralized system become read-write operations. As a result, the lattice model of non-discretionary access control, which mediates operations based on read versus read-write considerations, does not allow direct transfer of algorithms from centralized systems to decentralized systems. This thesis develops new mechanisms that comply with the lattice model and provide the necessary functions for effective decentralized computation. Secure protocols at several different levels are presented in the thesis. At the lowest level, a host or host protocol is shown that allows communication between hosts with effective internal security controls. Above this level, a host independent naming scheme is presented that allows generic naming of services in a manner consistent with the lattice model. The use of decentralized processing to aid in the downgrading of information is shown in the design of a secure intelligent terminal. Schemes are presented to deal with the decentralized administration of the lattice model, and with the proliferation of access classes as the user community of a decentralized system become more diverse. Limitations in the use of end-to-end encryption when used with the lattice model are identified, and a scheme is presented to relax these limitations for broadcast networks. Finally, a scheme is presented for forwarding authentication information between hosts on a network, without transmitting passwords (or their equivalent) over a network.

The use of passwords for controlling access to remote computer systems and services

Abstract: The widespread use of remote computer resources has made the problem of personal authentication most urgent. This paper examines the use of passwords for controlled access to these resources. Password techniques, ways of protecting passwords, and attendant cost considerations are discussed. Similarities between passwords and data encryption keys are noted and general recommendations for the use of passwords are presented.

Assessment of the national bureau of standards proposed federal data encryption standard

Abstract: The National Bureau of Standards (NBS) has implemented a Data Encryption Standard (DES), describing an encryption procedure to be used by Federal agencies and others to protect data against unauthorized access. This procedure encrypts 64-bit data sequences using a 56-bit key. Diffie, Hellman and others have objected that a 56-bit key may be inadequate to resist a brute force attack using a special purpose computer costing about $20 million. Others have estimated ten times that much. Whichever figure is correct, there is little safety margin in a 56-bit key.

Encryption Schemes for Computer Confidentiality

Abstract: This is a first attempt to develop shift-register-based encryption methods with nonlinear characteristics. We propose some new stream enciphering schemes composed of standard components which are easy to implement and appear to be difficult to break by either a linear attack or statistical analysis.

Encryption-based protection for interactive user/computer communication

Abstract: This paper develops a virtual connection model, complete with intruder, for interactive terminal-host communication and presents a set of protection goals that characterize the security that can be provided for a physically unsecured connection. Fundamental requirements for protocols that achieve these goals and the role of encryption in the design of such protocols are examined. Functional and security constraints on positioning of protection protocols in a communication system and the impact of positioning on the design of secure operating systems are discussed.

A New Nonlinear Pseudorandom Number Generator

Abstract: During the next few years a new pseudorandom number generator will become available on many computer systems. A concern for the security of computer data has led to the adoption of a Data Encryption Standard (DES) by the National Bureau of Standards. This standard specifies a nonlinear cryptographic algorithm which can be used inter alia as a source of pseudorandom numbers in software applications, such as those involving order statistics, where the usual linear congruential and generalized feedback shift register generators seem to be inadequate. Results of testing the DES as a pseudorandom number generator indicate that the algorithm is more than satisfactory for this purpose.

Multics Security Evaluation: Password and File Encryption Techniques.

Abstract: : Passwords are stored in enciphered form in the Multics system. There is no clear text listing of the password file. In 1972, as part of a security analysis of Multics, an ESD team successfuly inverted the enciphering algorithm in use on Multics. This report documents the team's efforts. As a result of the ESD analysis, an improved encryption algorithm is now in use on Multics. (Author)

Computer encryption: key size.

Abstract: Gina Bari Kolata's article \"National Bureau of Standards: A fall from grace\" (News and Comment, 2 Sept., p. 968) gives an inaccurate picture of NBS. While the perceptive reader would recognize the inherent inconsistency of the article's title with the fact that 15 new assignments have been given to NBS by Congress since 1965, the reader would have to be well informed to note that, except for minor references, the work of two of the four institutes of the Bureau is ignored. Specific examples can be cited of current research at NBS that is of top quality and has significant basic and applied aspects. The Fire Prevention and Control Act of 1974 gave the Bureau a broad mandate for research in fire safety. The NBS program includes high-quality research on toxicological effects of combustion products, chemical kinetics, and gas dynamics which is making the United States a world leader in an area where previously the best research was done in Japan and the United Kingdom. No effort is being made to hide this research, and NBS has attracted staff members of outstanding quality to this program. Under the Brooks Act of 1965, NBS was given the responsibility of resolving many issues associated with the rapidly increasing usage of computers. Important NBS accomplishments include the first data encryption standard, the first validation system for software, and pioneering work in robotics. A third example of current research at NBS relates to the more efficient use of energy. For a number of years preceding the national recognition of the energy crisis, NBS had carried out a systematic investigation of the thermal characteristics of building materials and building systems. While the importance and significance of this work has recently been widely recognized and has resulted in the promulgation of a nationally accepted standard for energy conservation in buildings, it was openly supported for many years before the Organization of Petroleum Exporting Countries or the Energy Research and Development Administration were organized. Kolata's article emphasizes one very valid point: NBS does have severe problems and urgent needs. It needs vigorous and perceptive management; it needs a position in the hierarchy of federal executive agencies where its potential for public service is more clearly recognized; and it needs an audience in the Office of Management and Budget that

A microprocessor selective encryption terminal for privacy protection

Abstract: This paper reports on an experiment performed by the METREK Division of The MITRE Corporation from November 1975 through August 1976. The purpose of the experiment was to determine how effectively a low cost microcomputer could provide privacy protection to a user of a time-shared computer system. The microprocessor was used to selectively encrypt information entered at the terminal before transmission to the host computer so that the protected information never appears in plaintext form at the host computer. The advantages and disadvantages of this approach along with the operational details of the experimental system are presented.

Data Network Security : Part I Problem Survey and Model

Abstract: Data encryption and related methods may be used to preserve information security i n a data network. Here information security is defined as the degree to which the destruction, change or loss of i ...

A Security Analysis Of The Federal Data Encryption Standard

Abstract: Modifications increasing the cryptanalysis resitance of the National Bureau of Standards developed Federal Data Encryption Standard are discussed.