Showing papers on "Password strength published in 1988"
Patent•
09 Mar 1988
TL;DR: In this paper, a password issuing device can store and generate passwords for a multiplicity of distinct protected host systems, each of which can store, decrypt, and display one or more random digits.
Abstract: An access control system is disclosed in which protected systems and corresponding portable password issuing devices both generate new authentic passwords by successively encrypting a stored password with a selected sequence of predefined encryption steps. The protected system generates and displays one or more random digits, selects an encryption sequence by appending the random digits to the user's personal identification number, and generates an authentic password by sequentially encrypting the user's previous password with encryption steps corresponding to each of the digits in the selected encryption sequence. The user generates a purported password by entering his PIN and the displayed random number(s) on the keyboard of his password issuing device, which responds to encrypting a stored previous password value with encryption steps corresponding to the user's keystrokes, and displaying a new password on its display. The user submits his purported new password to the protected system, and the protected system enables access to the protected system when the purported password matches the internally generated authentic password. Each password issuing device can store and generate passwords for a multiplicity of distinct protected host systems.
157 citations
Journal Article•
TL;DR: This paper presents a mathematical formulation of a fast implementation of the DES in software, discusses how the mathematics can be translated into code, and then analyzes the UNIX password scheme to show how these results can be used to implement it.
Abstract: The Data Encryption Standard is used as the basis for the UNIX password encryption scheme. Some of the security of that scheme depends on the speed of the implementation. This paper presents a mathematical formulation of a fast implementation of the DES in software, discusses how the mathematics can be translated into code, and then analyzes the UNIX password scheme to show how these results can be used to implement it. Experimental results are provided for several computers to show that the given method speeds up the computation of a password by roughly 20 times (depending on the specific computer).
30 citations
TL;DR: This program, intended for use by UNIX system administrators, attacks the one-way-encrypted password file and when it guesses a password, stores an encrypted warning message in the user's area.
7 citations