Password authentication with insecure communication

@article{Lamport1981PasswordAW,
  title={Password authentication with insecure communication},
  author={Leslie Lamport},
  journal={Commun. ACM},
  year={1981},
  volume={24},
  pages={770-772}
}
  • L. Lamport
  • Published 1 November 1981
  • Computer Science
  • Commun. ACM
A method of user password authentication is described which is secure even if an intruder can read the system's data, and can tamper with or eavesdrop on the communication between the user and the system. The method assumes a secure one-way encryption function and can be implemented with a microcomputer in the user's terminal. 
View on ACM
cs.utk.edu
2,830 Citations
Highly Influential Citations
139
Background Citations
1,031
Methods Citations
568
Results Citations
8

2,830 Citations

A Flexible and Secure Remote Systems Authentication Scheme Using Smart Cards
  • M. Das
  • Computer Science
    ArXiv
  • 2008
The paper presents an authentication scheme for remote systems using smart card. The scheme prevents the scenario of many logged in users with the same login identity, and does not require
Remote User Authentication Using Public Information
TLDR
A method for remote user authentication that requires only public information to be stored at the verifying host and is resistant to host impersonation attacks and the avoidance of asymmetric cryptographic techniques makes the scheme appropriate for low cost user authentication devices.
A new remote user authentication scheme using smart cards
TLDR
This work proposes a new remote user authentication scheme using smart cards based on the ElGamal's (1985) public key cryptosystem that can withstand message replaying attack.
Cryptanalysis of a Timestamp-Based Password Authentication Scheme
Remote Password Authentication Using Linear Equations and Smart Card
  • M. R. Reddy
  • Computer Science
    2010 Second Vaagdevi International Conference on Information Technology for Real World Problems
  • 2010
TLDR
This paper proposes a new remote password authentication technique using linear equations that does not require a system to maintain a password table for verifying the legitimacy of login users and can withstand message-replaying attack.
On improvements to password security
TLDR
A technique to allow long password-phrases that makes an exhaustive search impracticable is presented, and a solution to eavesdropping problems using public-key cryptography is proposed.
A remote password authentication scheme based on the digital signature method
  • M. Hwang
  • Computer Science
    Int. J. Comput. Math.
  • 1999
TLDR
A remote password authentication scheme based on the digital signature methods is proposed that does not require the system to maintain a password file, and it can withstand attacks based on message replaying.
Cryptanalysis of a Remote User Authentication Scheme
TLDR
It is pointed out that Chen-Lee’s scheme is vulnerable to off-line password guessing, replay and impersonation attacks when the smart card is lost or stolen.
RSA based remote password authentication using smart card
TLDR
This paper proposes a new remote password authentication technique using RSA public key cryptosystem that does not require a system to maintain a password table for verifying the legitimacy of a login user and can withstand message-replaying attack.
Novel Access Control Scheme with User Authentication Using Smart Cards
TLDR
A novel remote user authentication scheme based on RSA scheme that does not need for the remote system to maintain a password table for verifying the validation of the login and can avoid the insider attack.
...
...

References

SHOWING 1-4 OF 4 REFERENCES
New directions in cryptography
TLDR
This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
A sublinear additive sieve for finding prime number
TLDR
A new algorithm is presented for the problem of finding all primes between 2 and N that improves on Mairson's sieve algorithm by using a dynamic sieve technique that avoids most of the nonprimes in the range 2 to N, and byUsing a tabulation method to simulate multiplications.
Time-sharing computer systems
A user authentication scheme not requiring secrecy in the computer
TLDR
A password scheme is presented which does not require secrecy in the computer and is based on using a function H which the would-be intruder is unable to invert.