Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!rutgers!clyde!cbosgd!osu-eddie!verber
From: verber@osu-eddie.UUCP (Mark A. Verber)
Newsgroups: rec.ham-radio.packet,sci.crypt
Subject: Re: passwd security
Message-ID: <3569@osu-eddie.UUCP>
Date: Tue, 19-May-87 15:07:42 EDT
Article-I.D.: osu-eddi.3569
Posted: Tue May 19 15:07:42 1987
Date-Received: Sat, 23-May-87 05:29:22 EDT
References: <1012@chinet.UUCP> <1615@Umunhum.STANFORD.EDU> <581@faline.bellcore.com>
Sender: news@osu-eddie.UUCP
Reply-To: verber@osu-eddie.UUCP (Mark A. Verber)
Organization: Ohio State University, Computer Science
Lines: 19
Xref: mnetor rec.ham-radio.packet:335 sci.crypt:410


It would seem to me that a public key crypto-system would be perfect
for this kind of application.  You could query the machine for its
public key, encrypt your password using that key and then transmit
your encrypted password.  The machine which you are trying to access
then decodes your password with it's private key and verifies login. 

The primary problem with using a public key system is selecting which
method to use.  The best method is RSA, but RSA is patented and cost
mega bucks.  Knapsack could be used, but it has been broken.  This
might not be too much of a problem though since super secure
communications is not needed, it would be on packet radio if security
was important. 

Cheers,
-----------------------------------------------------------------------
Computer Science Department			         Mark A. Verber
The Ohio State University			 verber@ohio-state.arpa
+1 (614) 292-7344				cbosgd!osu-eddie!verber