Showing papers on "Password published in 1978"

Computer accessing system

Abstract: A communications link between a computer and a remote user is effected by a portable access unit which generates a nonrecurring access code which is a function of a password and a pseudorandomly generated number. The access code is transmitted and compared with an access code generated by a computer access controller. In addition to the access code, the pseudorandomly generated number provides an encryption key which is not transmitted but corresponds to a mating encryption key generated at the controller. The mating encryption keys are utilized to set up data transmission enciphering/deciphering networks successive links are established by incremented pseudorandomly generated access codes.

Method for authenticating the identity of a user of an information system

Abstract: Secure hardware is provided for cryptographically generating a verification pattern which is a function of a potential computer user's identity number, the potential computer user's separately entered password, and a stored test pattern. The test pattern for each authorized computer user is generated at a time when the physical security of the central computer and its data can be assured, such as in a physically guarded environment with no teleprocessing facilities operating. Secure hardware for generating verification patterns during authentication processing and for generating test patterns during the secure run is disclosed which uses a variation of the host computer master key to reduce risk of compromise of total system security. The use of a variant of the host master key prevents system programmers and/or computer operators from compromising the integrity of the authentication data base by, for example, interchanging entries and/or inserting new entries.

Set data protection method

Abstract: PURPOSE:To prevent the careless change of controlling set data by inputting a password by each operator at a function selection time and fixing a set available range of control data according to the work level registered by the operator. CONSTITUTION:In the set data protection method for preventing malfunction in a process controlling computer which uses set data c of memory b dependently upon CPU a to control process e through I/O device d, when set data c of memory b is changed, password k for each operator and operation level permitted for the operator are previously registered to collate the passward, which is inputted by the operator at a change operation time, with registered password k; and when the inputted password is one of registered passwords k, operation level 1 permitted for the operator is calculated. Then, the caluculated operation level is compared with set function level m selected by the operator, and operation is permitted in case of 1>=m.

Security in communication networks.

Abstract: It may seem anomolous that electronic mail and other computer communication systems require cryptographic protection when almost no physical mail is given this protection. The difference is that computer readable traffic is extremely vulnerable to automatic sorting at very low cost. Physical mail would also need to be encrypted if it were all written on postcards and could be sorted at a cost of only $1 for several million pages. Even seemingly innocuous facts can be damaging when such vast amounts of data can be screened for all messages mentioning one of a list of key words (e.g., computer communications, electronic mail, EFT, etc.). Analog voice circuits are as vulnerable to wiretapping, but are expensive to sort. Fortunately, the digital nature of the data makes high grade encryption possible at low cost. Analog circuits are almost impossible to adequately secure without going through a digital interface and encryption. The National Bureau of Standards has promulgated a national data encryption standard which can be implemented on a single LSI chip. 1 In large quantities it should therefore cost on the order of $10, an insignificant addition to the cost of a computer terminal. While some have criticized the standard as being inadequately secure,2-4 this is not due to technical constraints, but rather appears to be a political problem. While the cost of the encryption hardware is not a barrier to the widespread use of cryptography in computer oriented systems, there are other costs and problems which must be considered. Key distribution is one such problem.5 In a network with n users there are approximately n/2 possible pairs of users who may wish to converse securely from all other users. The distribution of this many keys by courier, registered mail, etc. is clearly uneconomic even for n equal to one million. This problem can be solved by having the system itself distribute keys, encrypted in user specific system keys or passwords, but this requires the system to be secure. ,7 A more useful approach was suggested by Diffie and Hellman5 and Merkle. S They proposed that it is possible to converse securely over an insecure channel with no prearrangement through use of "public key systems." The second section describes the public key systems of References 5 and 8 as well as systems devised by Rivest, Shamir and Adleman, 9 McEliece,lO and Merkle and Hellman. 11