Password security: a case history
Communications of the ACM
| Hi-index | 0.00 |
Providing passwords or cipher keys that are easy to remember but hard to guess has long been a problem. Message authentication techniques used by the banking industry can be harnessed to provide such keys. These techniques combine the bit-shuffling properties of the Data Encryption Standard with the error-propagation properties of cipher block chaining. The result is an algorithm that takes a long, but easily remembered, string of characters, such as a snippet of verse or a familiar jingle, and transforms it into a key. The transformed key is highly sensitive to any changes in the input string.