Efficient hardware and software implementations for the DES
Proceedings of CRYPTO 84 on Advances in cryptology
Security in computing
The internet worm program: an analysis
ACM SIGCOMM Computer Communication Review
Password security: a case history
Communications of the ACM
Cryptography, a Primer
Speeding Up Secret Computations with Insecure Auxiliary Devices
CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
A cryptographic library for the Motorola DSP56000
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Protocol implementation using integrated layer processing
SIGCOMM '95 Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Performance evaluation and cache analysis of an ILP protocol implementation
IEEE/ACM Transactions on Networking (TON)
Design of practical and provably good random number generators
Proceedings of the sixth annual ACM-SIAM symposium on Discrete algorithms
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Password hardening based on keystroke dynamics
CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Content-Addressable Search Engines and DES-like Systems
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Establishing the business value of network security using analytical hierarchy process
Creating business value with information technology
Cryptography as an operating system service: A case study
ACM Transactions on Computer Systems (TOCS)
Background pass-go (BPG), a new approach for GPS
ICCOMP'08 Proceedings of the 12th WSEAS international conference on Computers
64-bit Block ciphers: hardware implementations and comparison analysis
Computers and Electrical Engineering
SP 800-12. An Introduction to Computer Security: the NIST Handbook
SP 800-12. An Introduction to Computer Security: the NIST Handbook
| Hi-index | 0.00 |
Passwords in the UNIX operating system are encrypted with the crypt algorithm and kept in the publicly-readable file /etc/passwd. This paper examines the vulnerability of UNIX to attacks on its password system. Over the past 10 years, improvements in hardware and software have increased the crypts/second/dollai ratio by five orders of magnitude. We reexamine the UNIX password system in light of these advances and point out possible solutions to the problem of easily found passwords. The paper discusses how the authors built some high-speed tools for password cracking and what elements were necessary for their success. These elements are examined to determine if any of them can be removed from the hands of a possible system infiltrator, and thus increase the security of the system. We conclude that the single most important step that can be taken to improve password security is to increase password entropy.