The S/KEY One-Time Password System (1994)
| Venue: | In Proceedings of the Internet Society Symposium on Network and Distributed Systems |
| Citations: | 172 - 0 self |
BibTeX
@INPROCEEDINGS{Haller94thes/key,
author = {Neil Haller},
title = {The S/KEY One-Time Password System},
booktitle = {In Proceedings of the Internet Society Symposium on Network and Distributed Systems},
year = {1994},
pages = {151--157}
}
Years of Citing Articles
Bookmark
 |
 |
 |
 |
 |
 |
OpenURL
Abstract
Computing systems have been under increasingly sophisticated attack over the Internet and by using dial-up access ports. One form of attack is eavesdropping on network connections to obtain login id's and passwords of legitimate users. This information is used at a later time to attack the system. We have developed a prototype software system, the S/KEY TM one-time password system, to counter this type of attack and have been using it experimentally for external access to a research computer complex at Bellcore. The S/KEY system has several advantages compared with other one-time or multi-use authentication systems. The user's secret password never crosses the network during login or when executing other commands requiring authentication such as the UNIX passwd (change password) or su (change privilege) commands. No secret information is stored anywhere, including on the host being protected, and the underlying algorithm may be made public. The remote end (client) of this system can...
Citations
| 581 | Kerberos: An authentication service for open network systems - Steiner, Neuman, et al. - 1988 |
| 307 | Password authentication with insecure communication - Lamport |
| 129 | The internet worm program: an analysis - Spafford - 1989 |
| 120 | The MD5 message-digest algorithm, Request for - Rivest - 1992 |
| 18 | Project Athena as a Distributed Computer System - Champine, Geer, et al. - 1990 |
| 3 | Polonius: An Identity Authentication System - Wong, Berson, et al. - 1985 |
