LectureNote22-Onetimepassword

LectureNote22-Onetimepassword - I DENTIFICATION AND...

Info iconThis preview shows pages 1–5. Sign up to view the full content.

View Full Document Right Arrow Icon
O NE T IME P ASSWORDS I DENTIFICATION AND A UTHENTICATION P ASSWORD B ASED A UTHENTICATION O NE T IME P ASSWORDS K ERBEROS O THER M UTUAL A UTHENTICATION P ROTOCOLS CS 556 - Computer Security - c c 2009 Colorado State University – 41 / 98
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
One Time Passwords I DENTIFICATION AND A UTHENTICATION P ASSWORD B ASED A UTHENTICATION O NE T IME P ASSWORDS K ERBEROS O THER M UTUAL A UTHENTICATION P ROTOCOLS CS 556 - Computer Security - c c 2009 Colorado State University – 42 / 98 Use a password exactly once Such schemes are safe from passive adversaries who eavesdrop and later attempt impersonation. Variations include Shared lists of one time passwords Sequentially updated one time passwords One time password sequences based on one-way functions
Background image of page 2
Shared Lists of One Time Passwords I DENTIFICATION AND A UTHENTICATION P ASSWORD B ASED A UTHENTICATION O NE T IME P ASSWORDS K ERBEROS O THER M UTUAL A UTHENTICATION P ROTOCOLS CS 556 - Computer Security - c c 2009 Colorado State University – 43 / 98 User and system use a sequence of n secret passwords – each valid for a single authentication Drawback – maintenance of shared list Have to use passwords in exact sequence – otherwise system has to check password against all remaining unused passswords Not widely used
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Sequentially Updated One Time Passwords I DENTIFICATION AND A UTHENTICATION P ASSWORD B ASED A UTHENTICATION O NE T IME P ASSWORDS K ERBEROS O THER M UTUAL A UTHENTICATION P ROTOCOLS CS 556 - Computer Security - c c 2009 Colorado State University – 44 / 98 Initially only a single secret is shared During authentication, user creates and transmits a new password using the current password New password typically encrypted under a key derived from current password New password transmitted in current session, forms the password for the next session Method becomes difficult if communication failure occurs
Background image of page 4
Image of page 5
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 16

LectureNote22-Onetimepassword - I DENTIFICATION AND...

This preview shows document pages 1 - 5. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online