Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.

This paper describes the history of the design of the password security scheme on a remotely accessed time-sharing system. The present design was the result of countering observed attempts to penetrate the system. The result is a compromise between extreme security and ease of use.

Ahwcz--The knapsack problem is aa Np-complete combinatorial problem that is strongly believed to be computationally difficult to solve in general. Specific instances of this problem tbat appear very difficult to solve unless one pawses “trapdoor information ” used in the design of the problem are demonstrated. Because only the designer can easily solve problems, others can send bim ioformation hidden in the solution to the problems without fear that au eavesdropper will be able to extract the information. This approach differs from usual cryptograpkic systems in that a secret key is not needed. Conversely, only the designer can generate signature8 for messages, but anyone can easily check their authenticity. G I.

This document was originally prepared off-line. This file is the result of scan, OCR, and manual touchup, starting

The following paper by Butler Lampson has been frequently referenced. Because the original is not widely available, we are reprinting it here. If the paper is referenced in published work,

In this work, we aim to reduce the computational costs of using public-key digital signatures in securing routing protocols. Two protocols (COSP and IOSP) using one-time digital signatures are introduced to provide the functionality of public-key digital signatures. Our protocols are intended to be used in place of public-key digital signatures for signing all kinds of message exchanges among routers. We obtained more than ten-fold increase in speed compared with public-key signatures. Our protocols overcome the shortcomings identified in previous works, such as timing constraints, limited applications and high storage and computational costs for volatile environments [12].

We present a simple scheme that makes guessing passwords based on one-way functions 100 to 1000 times harder. The scheme is easy to program and easy to incrementally add to existing schemes. In particular, there is no need to switch to it all at the same time. Old passwords will still work and have the same security as before (one will not be able to distinguish them from new passwords); newly-entered passwords will become much more secure. The new scheme is independent of the one-way function used and does not require changing any part of the encryption mechanism. 1.

All cryptosystems currently m use are symmetrm m the sense that they require the transmitter and receiver to share, m secret, either the same pmce of reformation (key) or one of a paLr of related keys easdy computed from each other, the key is used m the encryption process to introduce uncertainty to an unauthorized receiver. Not only is an

It is possible to distinguish between policy and mechanism in operating system design. There is a trend to move policy out of the operating system kernel and into the user-level. This trend is described with respect to example operating system types. A system is proposed which takes this policy/mechanism split to the extreme of having the operating system kernel reduced to a hardware object which provides a low-level but abstract view of the actual hardware. Such a system would be flexible enough to allow investigation of dynamic, user-level, provision of policy. 1 Introduction The conventional operating system maps user programs to the resources of the machine largely by means of the `process' abstraction -- the program in execution. It ensures that user processes are protected from each other whilst allowing sharing between processes in a controlled way. Resources can be shared in a time-sliced fashion on general-purpose time-share machines, or in a distributed fashion on parallel m...

The concept of “process ” has come to play a central role in many efforts to master the complexity of large computer systems. The purpose of this paper is to discuss useful methods of structuring complex processes, and to relate these to the problems of improving the quality of large computer systems. Two distinct ways of structuring systems are presented, namely, process combination, and process abstraction; these are then used to discuss such topics as concurrency, synchronization, multiprogramming, interpreters, and programmable processors. This discussion is based on a set of precise definitions for such concepts as “process,” “processor, ” “computation, ” “combination, ” and “abstraction. ” The paper relates these definitions to both current research and practical applications, with particular concern for the problems of the performance, reliability, and modifiability of computer systems. Key words and phrases: sequential process, cooperating processes, asynchronous processes, parallelism, complexity, program, processor, interpreter, hierarchical structures, abstraction, refinement.