Automatically assigned DDC number: 0058

Manually assigned DDC number: 0058

Number of references: 0

Title: Secure RPC Authentication (SRA) for TELNET and FTP

Author:

Author:

Author:

Subject: David R. Safford,David K. Hess,Douglas Lee Schales Secure RPC Authentication (SRA) for TELNET and FTP

Description: TELNET and FTP currently exchange user authentication (passwords) in plain text, which is easily eavesdropped. Several techniques, such as Kerberos and SPX, have been proposed in draft RFCs to implement secure authentication. These techniques, however, have several drawbacks, including technical complexity, poor vendor support, and organizational problems. This paper presents SRA, a very simple and tested technique based on Secure RPC which, while certainly not as strong as RSA, is reasonably strong, fast, and trivial to implement immediately for both inter and intradomain communication. 2. Background TELNET and FTP currently pass the user authentication across the network in the form of plaintext passwords. These passwords can trivially be eavesdropped with such simple tools as etherfind and tcpdump. During intrusions at Texas A&M University in August 1992, significant amounts of the tools used by the crackers were captured. They had much better tools than simple ones such as these,...

Contributor: The Pennsylvania State University CiteSeer Archives

Publisher: unknown

Date: 1993-10-22

Pubyear: 1993

Format: ps

Identifier: http://citeseer.ist.psu.edu/140952.html

Source: ftp://ftp.cso.uiuc.edu/pub/security/coast/unix/netlog/TAMU/sra.ps.gz

Language: en

Rights: unrestricted