Path: utzoo!utgpu!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!nosc!ucsd!rutgers!cmcl2!brl-adm!adm!PAAAAAR%CALSTATE.BITNET@cunyvm.cuny.edu
From: PAAAAAR%CALSTATE.BITNET@cunyvm.cuny.edu
Newsgroups: comp.unix.questions
Subject: RE: wiretapping techniques
Message-ID: <16640@brl-adm.ARPA>
Date: 27 Jul 88 07:03:03 GMT
Sender: news@brl-adm.ARPA
Lines: 36

Since there are so many ways of observing a logon sequence and then
duplicating it, a high security system needs to implement a changing
logon sequence so that what lets a valid user into the system today does
not allow entrance to a black hatted person the following day.

People have published two distinct variations on this theme.
First - for machine to machine security (including a smart card as a machine)
Second - for human to machine login sequences.

A relative of this is the "pass algorithm" (I don't at this time recall
who suggested it). The system that logs in is given some information and
must respond to it in the correct way.

The second technique is based on storing a number of questions (say 10)
and 10 encrypted answers. On logging in the machine asks a collection of
randomly chosen questions and reads replies that are checked against the
encrypted dossier of information for the person who is putatively
logging in...

Someone else has proposed an intriguing variant. This is the "Pass
Algorithm". The user (person or system logging in) has memorized an
algorithm which is applied to input provided by the system to which they
are attempting to gain access. The input is generated randomly.

Has anyone implemented any of these variations on UNIX?

Dick Botting
PAAAAAR@CCS.CSUSCC.CALSTATE(doc-dick)
paaaaar@calstate.bitnet
PAAAAAR%CALSTATE.BITNET@{depends on the phase of the moon}.EDU
Dept Comp Sci., CSUSB, 5500 State Univ Pkway, San Bernardino CA 92407
Disclaimer: What with my brain, my fingers, this Mac, Red Ryder, the PDP
and its software, NOS and the CSU CYBERS, plus transmission errors, your
machine, terminal, eyes, and brain,..... I probably didn't think what
you thought you just read any way!
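
The question-dossier login described in the post, as an added sketch that is not part of the original message or any system it mentions. Salted PBKDF2 stands in for the "encrypted answers"; the questions, answers and function names are constructed for illustration.

```python
import hashlib, hmac, math, os, secrets

# Constructed enrollment data (10 questions, as in the post's "say 10").
SAMPLE_QA = {
    "first pet": "rex", "street you grew up on": "elm",
    "first teacher": "ms ortiz", "favourite tool": "awk",
    "first machine": "pdp-11", "mother's birthplace": "leeds",
    "first employer": "acme", "favourite author": "knuth",
    "childhood friend": "sam", "first language": "fortran",
}

def _digest(answer, salt):
    # Normalise case and spacing, then apply a slow salted one-way function.
    norm = " ".join(answer.lower().split()).encode()
    return hashlib.pbkdf2_hmac("sha256", norm, salt, 100_000)

def enroll(qa):
    """Build the stored dossier: question -> (salt, digest); no plaintext kept."""
    dossier = {}
    for question, answer in qa.items():
        salt = os.urandom(16)
        dossier[question] = (salt, _digest(answer, salt))
    return dossier

def pick_challenge(dossier, k=3):
    """Pick k distinct questions with a CSPRNG so each login asks a fresh set."""
    return secrets.SystemRandom().sample(sorted(dossier), k)

def verify(dossier, asked, replies):
    """Every asked question must match; no early exit, constant-time compare."""
    ok = True
    for question in asked:
        salt, want = dossier[question]
        got = _digest(replies.get(question, ""), salt)
        ok &= hmac.compare_digest(got, want)
    return ok

def replay_chance(n, k, observed):
    """Chance a fresh k-of-n challenge falls entirely inside `observed`
    answers that a wiretapper has already captured."""
    return math.comb(observed, k) / math.comb(n, k)

if __name__ == "__main__":
    dossier = enroll(SAMPLE_QA)
    asked = pick_challenge(dossier)
    print(asked, verify(dossier, asked, {q: SAMPLE_QA[q] for q in asked}))
    print(replay_chance(10, 3, 3), replay_chance(10, 3, 6))
```

With 3 of 10 questions asked per login, one observed session lets a replay succeed with probability 1/120, and that rises to 1/6 once six distinct answers have been captured, so the dossier has to be sized and refreshed with the number of observable logins in mind.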