Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!rutgers!ames!ucbcad!ucbvax!FLASH.BELLCORE.COM!karn
From: karn@FLASH.BELLCORE.COM.UUCP
Newsgroups: mod.protocols.tcp-ip
Subject: Re: secure replacements for password
Message-ID: <8701171647.AA01115@flash.bellcore.com>
Date: Sat, 17-Jan-87 11:47:49 EST
Article-I.D.: flash.8701171647.AA01115
Posted: Sat Jan 17 11:47:49 1987
Date-Received: Sat, 17-Jan-87 18:53:19 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 28
Approved: tcp-ip@sri-nic.arpa

I have already implemented a crude scheme which works exactly in this way.
I run a UNIX system which is available over amateur packet radio. From time
to time I will access it from a friend's station over the air. Needless to
say I don't want to blast my root password or even my personal password over
the air, so I implemented a challenge/response system using DES.

You first log in using a special password-less ID. The system then prompts
you for your real login name. Then it sends you the UNIX time-of-day,
expressed as a 64-bit hexadecimal number. You encrypt this number and type
back the ciphertext.

To do the computation, I wrote a program called "descalc" for the PC (though
portable) which allows you to set a key, enter plaintext and read back the
cipher text, enter cipher text and read back the plaintext, etc. (I'm still
working on the command that takes the cipher and plain text and reads back
the key. :-)

The system keeps its list of keys in plaintext form in a read-protected
file; this is probably a weak spot in the system (next to the possibility
of somebody "taking over" the connection after I've authenticated it).
If somebody can show me how to do this scheme without keeping cleartext
passwords in the system and is reasonably fast, I'm all ears. However, I
think it's just a stopgap until I switch to full time TCP/IP operation on
the air and implement authentication on every IP datagram.

I will probably post this stuff on USENET shortly. The DES was derived from
a version already posted there, and I modified it for improved speed and
modularity.

Phil
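
The exchange described in the post, with both sides shown, as an added example that is not part of the original post and is not the author's descalc or login code. HMAC-SHA-256 truncated to 64 bits stands in for the DES encryption step; the names `Server`, `respond`, `KEYS` and `MAX_AGE`, the sample key, and the single-use, strictly increasing, expiring challenge handling are assumptions added here.

```python
import hashlib
import hmac
import time

# Constructed sample key table; the post's server keeps per-user keys
# in cleartext in a read-protected file.
KEYS = {"karn": bytes.fromhex("0123456789abcdef")}
MAX_AGE = 60  # seconds a challenge stays valid (assumed value)


def respond(key: bytes, challenge_hex: str) -> str:
    """Client side (the role descalc plays): keyed transform of the challenge.

    HMAC-SHA-256 truncated to 64 bits is a stand-in for DES encryption.
    """
    block = bytes.fromhex(challenge_hex)
    return hmac.new(key, block, hashlib.sha256).digest()[:8].hex()


class Server:
    def __init__(self, keys, clock=time.time):
        self.keys = keys
        self.clock = clock
        self.pending = {}  # login name -> outstanding challenge
        self.last = 0      # last challenge value issued

    def challenge(self, user: str) -> str:
        """Issue the time of day as a 64-bit hexadecimal number."""
        # Two logins in the same second would otherwise share a challenge,
        # so force every issued value to be strictly increasing.
        self.last = max(int(self.clock()), self.last + 1)
        c = format(self.last, "016x")
        self.pending[user] = c  # issued for unknown names too
        return c

    def verify(self, user: str, response_hex: str) -> bool:
        c = self.pending.pop(user, None)  # each challenge is single use
        key = self.keys.get(user)
        if c is None or key is None:
            return False
        if int(self.clock()) - int(c, 16) > MAX_AGE:
            return False  # stale challenge
        expected = respond(key, c).encode()
        # Constant-time comparison of the typed-back response.
        return hmac.compare_digest(expected, response_hex.strip().lower().encode())
```

A response captured off the air is only valid for the one challenge it answers; it does not protect the session after login, which the post itself names as a remaining risk.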