Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!husc6!mit-eddie!genrad!decvax!ucbvax!BRL.ARPA!ron
From: ron@BRL.ARPA (Ron Natalie)
Newsgroups: mod.protocols.tcp-ip
Subject: Re:  Password Security for the UCLA ACP
Message-ID: <8701141716.aa17479@SEM.BRL.ARPA>
Date: Wed, 14-Jan-87 17:16:47 EST
Article-I.D.: SEM.8701141716.aa17479
Posted: Wed Jan 14 17:16:47 1987
Date-Received: Thu, 15-Jan-87 05:01:07 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 39
Approved: tcp-ip@sri-nic.arpa

Well, any point of the system where the data is going to exist unencrypted
is going to have to be secured.  But consider the original application.
He was concerned about ethernet spies grabbing the passwords and such off
the wire.  You can do this even if the spy has a copy of your encryption
program.  Many people have the UNIX password crypt routine, but as of yet
no one has announced a way to use it to decrypt totally random passwords
(other than by exhaustive search, which even on our X/MP-48 takes a long
time...it does vectorize nicely though :-)).

Consider the following scenario...

A BIG SECURE UNIVERSITY ADMINISTRATIVE COMPUTER named I'm Big Money
An IBM PC in the Bursars Office named Petty Cash
and the campus ethernet spine with the above plus random PC's and
SUNs on it called "RU-YELLOW"

Petty Cash:  I'd like to talk to Big Bucks
	( now big brother makes up a verification string of random
	  letters)
I'm Big Money:  Encrypt "AWALKER" for me using your password as key.
	(PC now encrypts the random phrase with the user's password
		"TUITION")
PC:  The encrypted string is "*HOBBIT*".
	(IBM now encrypts "AWALKER" with the user's passord "TUITION"
	  and sees that they match and allows access.)
IBM:  OK PC...what shall we do today?

See at no time did the user's password "TUITION" ever exist in the
clear.  The Spy, seeing the random string and the encrypted answer
can not deduce the password.  He can't use the encrypted answer because
next time IBM will send a different string.  It makes no difference here
whether or not he has a copy of the program running in PC or not.

Of course, he can probably get all kinds of juicy data if the transactions
are not encrypted as the authentication was.  In addition, there is always
the chance that the spy can infiltrate either end (like by modifying the
software in the PC to also keep track of the cleartext passwords).

-Ron