The S/KEY One-Time Password System (1994) [133 citations — 0 self]
Popular Tags
No tags have been applied to this document.
BibTeX | Add To MetaCart
author = {Neil Haller},
title = {The S/KEY One-Time Password System},
booktitle = {In Proceedings of the Internet Society Symposium on Network and Distributed Systems},
year = {1994},
pages = {151--157}
}
Bookmarks
OpenURL
Abstract:
Computing systems have been under increasingly sophisticated attack over the Internet and by using dial-up access ports. One form of attack is eavesdropping on network connections to obtain login id's and passwords of legitimate users. This information is used at a later time to attack the system. We have developed a prototype software system, the S/KEY TM one-time password system, to counter this type of attack and have been using it experimentally for external access to a research computer complex at Bellcore. The S/KEY system has several advantages compared with other one-time or multi-use authentication systems. The user's secret password never crosses the network during login or when executing other commands requiring authentication such as the UNIX passwd (change password) or su (change privilege) commands. No secret information is stored anywhere, including on the host being protected, and the underlying algorithm may be made public. The remote end (client) of this system can...
Citations
| 539 | An Authentication Service for Open Network Systems – Steiner, Neuman, et al. - 1988 |
| 235 | Password authentication with insecure communication – Lamport - 1981 |
| 111 | The Internet Worm Program: An Analysis – Spafford - 1988 |
| 80 | The MD5 Message-Digest Algorithm. Request for Comments 1321, Network Working Group – Rivest - 1992 |
| 17 | Project Athena as a distributed computer system – Champine, Geer, et al. - 1990 |
| 3 | Polonius: An Identity Authentication System – Wong, Berson, et al. - 1985 |
