From: smb@research.att.com
Date: Thu, 18 Nov 93 09:41:31 PST
To: "Alan (Gesture Man) Wexelblat" <wex@media.mit.edu>
Subject: Re: hohocon
Message-ID: <9311181739.AA14588@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


	 It seems to me that a simpler solution than challenge-response
	 would be to emultate the tear-sheet crypto systems and just
	 have a series of one-shot passwords generated.  Each time you
	 log in, it requires the next password from the sheet, so
	 capturing the old one does no good (just as breaking the
	 one-time codes from tear sheets doesn't help).

	 Now if I could just figure out a simple way to do this on
	 UNIX...

See

	@article{lamport-pw,
		author = {Leslie Lamport},
		journal  = {Communications of the ACM},
		month = {November},
		number = 11,
		pages = {770--772},
		title = {Password Authentciation with Insecure Communication},
		volume = 24,
		year = 1981
	}

The Bellcore S-Key system implements this scheme, and is, I think,
freely available.  I know that it's included in TIS's firewall toolkit:

	\software{ftp.tis.com}{/pub/firewalls/toolkit}