 
 
 
 
 
 
   
 Next: About this document ...
 Up: A Future-Adaptable Password Scheme
 Previous: Acknowledgments
- 1
- 
Martín Abadi, T. Mark A. Lomas, and Roger Needham.
 Strengthening passwords.
 Technical note 1997-033, DEC Systems Research Center, September 1997.
- 2
- 
Steven M. Bellovin and Michael Merritt.
 Encrypted key exchange: Password-based protocols secure against
  dictionary attacks.
 In Proceedings of the 1992 IEEE Symposium on Security and
  Privacy, Oakland, CA, May 1992.
- 3
- 
Steven M. Bellovin and Michael Merritt.
 Augmented encrypted key exchange.
 In Proceedings of the First ACM Conference on Computer and
  Communications Security, pages 224-250, Oakland, CA, November 1993.
- 4
- 
Eli Biham.
 A Fast New DES Implementation in Software.
 In Fast Software Encryption, 4th International Workshop
  Proceedings, pages 260-271. Springer-Verlag, 1997.
- 5
- 
Solar Designer.
 John the Ripper.
 : !:}https://www.false.com/security/john.
- 6
- 
Electronic Frontier Foundation.
 Cracking DES.
 O'Reilly and Associates, 1998.
- 7
- 
Li Gong, T. Mark A. Lomas, Roger M. Needham, and Jerome H. Saltzer.
 Protecting poorly chosen secrets from guessing attacks.
 IEEE Journal on Selected Areas in Communications,
  11(5):648-656, June 1993.
- 8
- 
Shai Halevi and Hugo Krawczyk.
 Public-key cryptography and password protocols.
 In Proceedings of the 5th ACM Conference on Computer and
  Communications Security, 1998.
- 9
- 
Robert Morris and Ken Thompson.
 Password Security: A Case History.
 Communications of the ACM, 22(11):594-597, November 1979.
- 10
- 
National Bureau of Standards.
 Data Encryption Standard, January 1977.
 FIPS Publication 46.
- 11
- 
Sarvar Patel.
 Number theoretic attacks on secure password schemes.
 In Proceedings of the 1997 IEEE Symposium on Security and
  Privacy, pages 236-247, Oakland, CA, May 1997.
- 12
- 
QCrack.
 : !:}ftp://chaos.infospace.com/pub/qcrack/qcrack-1.02.tar.gz.
- 13
- 
R. L. Rivest.
 The MD5 Message Digest Algorithm.
 RFC 1321, Apr 1992.
- 14
- 
Michael Ruby.
 Pseudorandomness and Cryptographic Applications.
 Princeton Computer Science Notes, 1996.
- 15
- 
Bruce Schneier.
 Description of a New Variable-Length Key, 64-Bit Block Cipher
  (Blowfish).
 In Fast Software Encryption, Cambridge Security Workshop
  Proceedings, pages 191-204. Springer-Verlag, December 1993.
- 16
- 
Thomas Wu.
 The secure remote password protocol.
 In Proceedings of the 1998 Internet Society Network and
  Distributed System Security Symposium, pages 97-111, San Diego, CA, March
  1998.
- 17
- 
Tatu Ylönen.
 SSH - secure login connections over the Internet.
 In Proceedings of the 6th USENIX Security Symposium, pages
  37-42, July 1996.
Niels Provos and David Mazieres
4/28/1999