Finding Passwords

Paul Johnson paj at mrcu
Fri Oct 5 18:55:13 AEST 1990


>In article <8685 at mirsa.inria.fr> jlf at mirsa.inria.fr (Jean-Louis Faraut) writes:
>> What about a two-way authentication, modifying the getty program to
>> oblige the computer to authenticate itself ?
>
>Fails. As I've said before, you can't reliably *avoid* a Trojan Horse
>unless you can reliably *detect* a Trojan Horse. If you don't have a
>trusted path, the intruder can masquerade as you, forwarding enough of
>the responses you supply to authenticate itself and then taking control
>of your account.
>

No it does not.  What M. Faraut originally wrote was:

>         - CPU prompts "login:"
>         - type your login name
>         - CPU decrypts your secret keyword and displays it on screen.
> (Each user keeps up his own secret keyword encrypted in a personal file;
> only the owner and root can read/modify this file.)
>         - CPU prompts "passwd:"
>         - Now you can either type your usual passwd if the secret
> keyword was right, or do anything else, possibly aborting the session.


You do not type your password until the computer has given you your
secret keyword.  The only problem with this is that someone might be
looking over your shoulder.  There are ways around this, but they
start getting too complicated for humans to use: for example the user
could challenge the computer with one of a range of keywords to which
the computer would have to respond with a corresponding word (e.g.
donald-duck, micky-mouse, brian-kernighan).

Computer: Login:
User: paj
C: Your challenge:
U: [no echo] micky
C: My response is "mouse".  Your password:
U: [no echo] secret
C: paj logged in at....

This will prevent problems with someone looking over your shoulder on
one occasion, but if they can watch you repeatedly then it starts
becoming easier.  A plain trojan could not make the correct response:
all it could collect would be the user's challenge.  It would not be
able to make the response (unless the villain had managed to deduce
the list by prolonged observation) and hence would fail.

Paul.
-- 
Paul Johnson                               UUCP: <world>!mcvax!ukc!gec-mrc!paj
--------------------------------!-------------------------|-------------------
GEC-Marconi Research is not 	| Telex: 995016 GECRES G  | Tel: +44 245 73331
responsible for my opinions.	| Inet: paj at uk.co.gec-mrc | Fax: +44 245 75244
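The login exchange sketched in this thread, as an added simulation that is not part of the original post or of any real getty: the host must answer the user's challenge before the user types a password, and a "Trojan" login prompt that cannot read the keyword file fails the challenge, so the user aborts without revealing anything. It generalises the single secret keyword of M. Faraut's scheme to the list of challenge/response pairs suggested above, and also reproduces the stated weakness: an impostor that has watched one exchange can replay the observed pair. All class and function names (GenuineHost, ImpostorHost, user_login, run_demo) and the sample users and keywords are assumptions constructed for this illustration.

```python
"""Toy simulation of the two-way login described in the thread (added example)."""
import hashlib
import hmac
import secrets


def _hash_password(password: str, salt: bytes) -> bytes:
    # Passwords are never stored in clear, even in a toy.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class GenuineHost:
    """The real login program: it can read each user's private keyword file."""

    def __init__(self):
        self.users = {}

    def add_user(self, name, password, pairs):
        # 'pairs' maps a user-chosen challenge word to the expected host reply,
        # standing in for the encrypted per-user keyword file of the post.
        salt = secrets.token_bytes(16)
        self.users[name] = {
            "salt": salt,
            "pw": _hash_password(password, salt),
            "pairs": dict(pairs),
        }

    def respond(self, name, challenge):
        user = self.users.get(name)
        return None if user is None else user["pairs"].get(challenge)

    def check_password(self, name, password):
        user = self.users.get(name)
        if user is None:
            return False
        return hmac.compare_digest(_hash_password(password, user["salt"]), user["pw"])


class ImpostorHost:
    """A Trojan login prompt.  It cannot read the keyword file, so its only
    source of replies is whatever it observed over the user's shoulder
    (the 'prolonged observation' caveat in the post)."""

    def __init__(self, observed=None):
        self.observed = dict(observed or {})
        self.captured = []  # passwords the Trojan would have harvested

    def respond(self, name, challenge):
        return self.observed.get(challenge)

    def check_password(self, name, password):
        self.captured.append((name, password))
        return True  # accepts anything so the user stays unsuspecting


def user_login(host, name, challenge, expected_response, password):
    """User side of the protocol: reveal the password only after the host
    has answered the challenge correctly; otherwise abort the session."""
    reply = host.respond(name, challenge)
    if reply != expected_response:
        return "aborted: host failed challenge"
    if host.check_password(name, password):
        return "logged in"
    return "bad password"


def run_demo():
    """Runs the three cases discussed in the post and returns their outcomes."""
    pairs = {"micky": "mouse", "donald": "duck", "brian": "kernighan"}  # constructed
    real = GenuineHost()
    real.add_user("paj", "secret", pairs)           # constructed sample user

    blind_trojan = ImpostorHost()                   # never watched a login
    spying_trojan = ImpostorHost({"micky": "mouse"})  # saw one exchange earlier

    return {
        "genuine": user_login(real, "paj", "micky", "mouse", "secret"),
        "genuine_wrong_pw": user_login(real, "paj", "micky", "mouse", "oops"),
        "blind_trojan": user_login(blind_trojan, "paj", "donald", "duck", "secret"),
        "blind_trojan_captured": list(blind_trojan.captured),
        "spy_replayed_pair": user_login(spying_trojan, "paj", "micky", "mouse", "secret"),
        "spy_captured": list(spying_trojan.captured),
        "spy_fresh_pair": user_login(spying_trojan, "paj", "brian", "kernighan", "secret"),
    }


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(f"{case}: {outcome}")
```

The point of the split between `user_login` and the two host classes is that the user's rule ("no password until the host has answered") is what protects the password, not anything the host does; the spying case shows that rule is only as strong as the secrecy of the pair the user happens to pick, which is why the post says repeated observation makes the attacker's job easier.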


