Easy entry: the password encryption problem

The management of unencrypted password files is a headache for a computer center. The files have a perverse way of being left lying around , and they are subject to malversation by disaffected systems personnel or by anyone with access to the system who is sufficiently clever to bypass or otherwise subvert the system file protection scheme [4]° Encrypted password files present an entry point to a ciphertext-only attack (see [15] ) on the algorithm unless the algorithm in use is sufficiently strong. Because of a natural penchant on the part of users to adopt mnemonic passwords, many password encryption schemes are vulnerable to attack by repeated trials, i. e. , repeated attempts to log in using guessed passwords, which may enable a penetrator to easily gain initial entry . Following initial entry, a major threat is brute-force attacks, i. e. , systematic testing of all possible passwords, for which the defense is a protected encrypted password file. A serious threat to systems requiring a high degree of security is piggyDack entry ( see [10] ), or simple wiretapping. The only adequate defense is individually dedicated encryption protected terminals, an expensive solution that may only be practicable when large monetary loss is at hazard. Line encryption (and login handshaking protocols , [22] )does not in itself obviate the need for password encryption; the passwords (and details of individual protocols) must still be protected from other users, from penetrators who have made initial entry, either by repeated trials or through the user weak-spot, i. e. , the habit of writing down passwords in conspicuous places, and from systems programmers.