Society

In many computer operating systems a user authenticates himself by entering a secret password known solely to himself and the system. The system compares this password with one recorded in a Password Table which is available to only the authentication program. The integrity of the system depends on keeping the table secret. In this paper a password scheme is presented which does not require secrecy in the computer. All aspects of the system, including all relevant code and data bases, may be known by anyone attempting to intrude. The scheme is based on using a function H which the would-be intruder is unable to invert. This function is applied to the user's password and the result compared to a table entry, a match being interpreted as authentication of the user. The intruder may know all about H and have access to the table, but he can penetrate the system only if he can invert H to determine an input that produces a given output. This paper discusses issues surrounding selection of a suitable H. Two different plausible arguments are given that penetration would be exceedingly difficult, and it is then argued that more rigorous results are unlikely. Finally, some human engineering problems relating to the scheme are discussed.

The protection of time sharing systems from unauthorized users is often achieved by the use of passwords. By using one-way ciphers to code the passwords, the risks involved with storing the passwords in the computer can be avoided. We discuss the selection of a suitable one-way cipher and suggest that for this purpose polynomials over a prime modulus are superior to one-way ciphers derived from Shannon codes.

Although encipherment has often been discussed as a means to protect computer data, its costs are not well established. Five experiments were conducted to measure the cpu time on a CDC 6400 required by additive ciphers programmed both in assembly language and in Fortran: a “null transformation” to measure the time to move data without encipherment; encipherment with a one-word key; encipherment with a 125-word key; double key encipherment; and encipherment using a pseudo random key. The results were analyzed for consistency over 100 runs, and the effects of constant and intermittent errors were considered. Timing rates for assembly language encipherment ranged from 498,800 characters per second for a pseudo random key cipher to 2,092,000 characters per second for a constant one-word key cipher. The latter is almost equivalent to the rate required simply to move data without encipherment. Fortran tests required over four times as much cpu time. This paper introduces the idea of enciphering time coefficient the ratio of enciphering time to the time taken to fetch and store data without encipherment.