
12.9 Further Reading

Discussions of the strength of the UNIX password scheme provide insight into how gracefully authentication schemes age. Bishop [109] and Feldmeier and Karn [344] discuss attacks on the UNIX scheme. Su and Bishop use a Connection Machine in a dictionary attack [979]; Kedem and Ishihara use a PixelFlow SIMD computer [556]. Leong and Tham [621] discuss specific password-cracking hardware. Manber [656] discusses a salting scheme. Bergadano, Crispo, and Ruffo discuss techniques for compressing dictionaries for use with proactive password checkers [81, 82].

The U.S. Department of Defense has issued specific guidelines for password selection and management [284]. Jermyn, Mayer, Monrose, Reiter, and Rubin use the graphical capabilities of many systems to generate passwords [523]. Rubin presents an alternative one-time password scheme [854].

Many network-oriented protocols are challenge-response protocols. Seberry and Pieprzyk [897] and Schneier [888] discuss network-oriented authentication in depth. Chapter 10, "Key Management," discusses some of these protocols.

Itoi and Honeyman [517] have developed a version of PAM for Windows NT.

