Showing papers on "Rainbow table published in 1997"

Scalable high speed IP routing lookups

Abstract: Internet address lookup is a challenging problem because of increasing routing table sizes, increased traffic, higher speed links, and the migration to 128 bit IPv6 addresses. IP routing lookup requires computing the best matching prefix, for which standard solutions like hashing were believed to be inapplicable. The best existing solution we know of, BSD radix tries, scales badly as IP moves to 128 bit addresses. Our paper describes a new algorithm for best matching prefix using binary search on hash tables organized by prefix lengths. Our scheme scales very well as address and routing table sizes increase: independent of the table size, it requires a worst case time of log2(address bits) hash lookups. Thus only 5 hash lookups are needed for IPv4 and 7 for IPv6. We also introduce Mutating Binary Search and other optimizations that, for a typical IPv4 backbone router with over 33,000 entries, considerably reduce the average number of hashes to less than 2, of which one hash can be simplified to an indexed array access. We expect similar average case behavior for IPv6.

User authentication system for authenticating an authorized user of an IC card

Abstract: An user authentication system for authenticating a user using an IC card in conjunction with a portable terminal used to generate a one-time password and a server used to generate a corresponding one-time password for user authentication. The IC card contains a secret key for generating a one-time password and predetermined random numbers. The portable terminal contains a card receiver for receiving the IC card, a random number memory for reading and storing, and then deleting the random numbers of the IC card, a first password generator for generating a one-time password by the secret key of the IC card and the random number, a first random number changer for changing the random number stored in the random number memory into a predetermined value and storing the changed value in the random number storing portion, and a display for displaying the processed results of the terminal and the server. The server includes a secret key memory for storing a secret key and a random number, a second password generator for generating a one-time password, a second random number changer for storing a random number value identical to the random number value of the terminal, a password receiver for receiving the one-time password of the terminal, a password verifier for verifying the password to authenticate the user. As a result, it is possible to raise the security level by using a one-time password in which a different password is used each time a user is authenticated, and to save costs by generating a one-time password for various services with a single terminal.

Plurality-factor security system

Abstract: The invention provides a method and system for simultaneously authenticating a user using two or more factors, such as both a password and a physical token or both a password and biometric information. The user presents a physical token including a storage device to a processor and attempts to log in using a first password; the processor includes a login service which receives the first password, accesses the storage device to transform the first password into a second password, and authenticates the second password using an operating system for the processor. The storage device includes encrypted information regarding the second password which can be relatively easily determined in response to the first password, but which cannot be relatively easily determined without the first password. The system or the storage device may also store information for biometric authentication of the user.

Method and apparatus for strengthening passwords for protection of computer systems

Abstract: A computer implemented method provides access to processes and data using strengthened password. During an initialization phase, an access code is stored in a memory of a computer system. The access code is an application of a one-way hash function to a concatenation of a password and a password supplement. The size of the password supplement is a fixed number of bits. During operation of the system, a user enters a password, and the one-way hash function is applied to concatenations of the password and possible values having the size of the password supplement to yield trial access codes. Access is granted when one of the trial access codes is identical to the stored access code.

IC card portable terminal apparatus

Abstract: Password identification information for identifying a password for key verification is set for each of a plurality of applications (F1, F2, ···). A current password storage unit for storing a password which has recently been input and the password identification information of the password is arranged. When one application is selected, password identification information corresponding to the application is verified with the password identification information stored in the current password storage unit. If the two password identification information match, key verification is performed using the password in the current password storage unit. With this operation, a plurality of data can be rad out by performing the password input operation once. One or two select keys are arranged in place of a ten-key pad. By repeating an operation using the select keys and the enter key, a password having a plurality of digits is input. Therefore, the password can be input using a minimum number of keys.

IC card portable terminal apparatus and password verification method

Abstract: of EP0838789Password identification information for identifying a password for key verification is set for each of a plurality of applications (F1, F2, ...). A current password storage unit for storing a password which has recently been input and the password identification information of the password is arranged. When one application is selected, password identification information corresponding to the application is verified with the password identification information stored in the current password storage unit. If the two password identification information match, key verification is performed using the password in the current password storage unit. With this operation, a plurality of data can be rad out by performing the password input operation once. One or two select keys are arranged in place of a ten-key pad. By repeating an operation using the select keys and the enter key, a password having a plurality of digits is input. Therefore, the password can be input using a minimum number of keys.

Password restoring method for computer system

Abstract: PROBLEM TO BE SOLVED: To make it possible to easily restore a password on a user side by setting >1 ID numbers and storing the both in a memory when a password is set. SOLUTION: When the password is inputted, >1 ID numbers are inputted. The ID numbers and password are stored in the memory 80. If the user forgets the password, an ID number is requested to be inputted after a password error is made up to a previously set frequency. When the input ID number matches a stored ID number, the password stored in the memory 80 is encoded and displayed as a combination of characters and numbers on a monitor 24 thought a video controller 20. The encoded password is sent to the after-sales service center of the maker by using a telephone line and decoded, so that the password can easily be restored.