|
OTPW
OTPW is a one-time password system developed for authentication in Unix-like operating systems by Markus Kuhn. A user's real password is not directly transmitted across the network. Rather, a series of one-time passwords is created from a short set of characters (constant secret) and a set of one-time tokens. As each single-use password can only be used once, passwords intercepted by a password sniffer or key logger are not useful to an attacker. OTPW is supported in Unix and Linux (via pluggable authentication modules), OpenBSD, NetBSD, and FreeBSD, and a generic open source implementation can be used to enable its use on other systems. OTPW, like the other one-time password systems, is sensitive to a man in the middle attack if used by itself. This could for example be solved by putting SSL, SPKM or similar security protocol "under it" which authenticates the server and gives point-to-point security between the client and server. Design and differences from other implementa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
One-time Password
A one-time password (OTP), also known as a one-time PIN, one-time passcode, one-time authorization code (OTAC) or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to ''something a person has'' (such as a small keyring fob device with the OTP calculator built into it, or a smartcard or specific cellphone) as well as ''something a person knows'' (such as a PIN). OTP generation algorithms typically make use of pseudorandomness or randomness to generate a shared key or seed, and cryptographic hash functions, which can be used to derive a value but are hard to reverse and therefore difficult for an attacker to obtain the data that was used for the hash. This is necessa ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Markus Kuhn (computer Scientist)
Markus Guenther Kuhn (born 1971) is a German computer scientist, currently working at the Computer Laboratory, University of Cambridge and a fellow of Wolfson College, Cambridge. Education Kuhn was educated at University of Erlangen (Germany), he received his Master of Science degree at Purdue University and PhD at the University of Cambridge. Research Kuhn's main research interests include computer security, in particular the hardware and signal-processing aspects of it, and distributed systems. He is known, among other things, for his work on security microcontrollers, compromising emanations, and distance-bounding protocols. He developed the Stirmark test for digital watermarking schemes, the OTPW one-time password system, and headed the project that extended the X11 misc-fixed fonts to Unicode. In 1994, as an undergraduate student, he became known for developing several ways to circumvent the VideoCrypt encryption system, most notably the ''Season7'' smartcard emulator ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
S/KEY
S/KEY is a one-time password system developed for authentication to Unix-like operating systems, especially from dumb terminals or untrusted public computers on which one does not want to type a long-term password. A user's real password is combined in an offline device with a short set of characters and a decrementing counter to form a single-use password. Because each password is only used once, they are useless to password sniffers. Because the short set of characters does not change until the counter reaches zero, it is possible to prepare a list of single-use passwords, in order, that can be carried by the user. Alternatively, the user can present the password, characters, and desired counter value to a local calculator to generate the appropriate one-time password that can then be transmitted over the network in the clear. The latter form is more common and practically amounts to challenge–response authentication In computer security, challenge-response authentication is ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OPIE Authentication System
OPIE is the initialism of "One time Passwords In Everything". Opie is a mature, Unix-like login and password package installed on the server and the client which makes untrusted networks safer against password-sniffing packet-analysis software like dSniff and safe against shoulder surfing. It works by circumventing the delayed attack method because the same password is never used twice after installing Opie. OPIE implements a one-time password (OTP) scheme based on S/KEY, which will require a secret passphrase (not echoed) to generate a password for the current session, or a list of passwords. OPIE uses an MD4 or MD5 hash function to generate passwords. OPIE can restrict its logins based on IP address. It uses its own passwd and login modules. If the Enter key is pressed at the password prompt, it will turn echo on, so what is being typed can be seen when entering an unfamiliar password from a printout. OPIE can improve security when accessing online banking at confere ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Hash Function
A hash function is any Function (mathematics), function that can be used to map data (computing), data of arbitrary size to fixed-size values, though there are some hash functions that support variable-length output. The values returned by a hash function are called ''hash values'', ''hash codes'', (''hash/message'') ''digests'', or simply ''hashes''. The values are usually used to index a fixed-size table called a ''hash table''. Use of a hash function to index a hash table is called ''hashing'' or ''scatter-storage addressing''. Hash functions and their associated hash tables are used in data storage and retrieval applications to access data in a small and nearly constant time per retrieval. They require an amount of storage space only fractionally greater than the total space required for the data or records themselves. Hashing is a computationally- and storage-space-efficient form of data access that avoids the non-constant access time of ordered and unordered lists and s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Last Character Attack
A last is a mechanical form shaped like a human foot. It is used by shoemakers and cordwainers in the manufacture and repair of shoes. Lasts come in many styles and sizes, depending on the exact job they are designed for. Common variations include simple one-size lasts used for repairing soles and heels, custom-purpose mechanized lasts used in modern mass production, and custom-made lasts used in the making of bespoke footwear. Lasts are made of firm materialshardwoods, cast iron, and high-density plasticsto withstand contact with wetted leather and the strong forces involved in reshaping it. Since the early 19th century, lasts typically come in pairs to match the separate shapes of the right and left feet. The development of an automated lasting machine by the Surinamese-American Jan Ernst Matzeliger in the 1880s was a major development in shoe production, immediately improving quality, halving prices, and eliminating the previous putting-out systems surrounding shoemaking ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Setuid
The Unix and Linux access rights flags setuid and setgid (short for ''set user identity'' and ''set group identity'') allow users to run an executable with the file system permissions of the executable's owner or group respectively and to change behaviour in directories. They are often used to allow users on a computer system to run programs with temporarily elevated privileges to perform a specific task. While the assumed user id or group id privileges provided are not always elevated, at a minimum they are specific. The flags setuid and setgid are needed for tasks that require different privileges than what the user is normally granted, such as the ability to alter system files or databases to change their login password. Some of the tasks that require additional privileges may not immediately be obvious, though, such as the ping command, which must send and listen for control packets on a network interface. File modes The setuid and setgid bits are normally represented a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Information Entropy
In information theory, the entropy of a random variable quantifies the average level of uncertainty or information associated with the variable's potential states or possible outcomes. This measures the expected amount of information needed to describe the state of the variable, considering the distribution of probabilities across all potential states. Given a discrete random variable X, which may be any member x within the set \mathcal and is distributed according to p\colon \mathcal\to , 1/math>, the entropy is \Eta(X) := -\sum_ p(x) \log p(x), where \Sigma denotes the sum over the variable's possible values. The choice of base for \log, the logarithm, varies for different applications. Base 2 gives the unit of bits (or " shannons"), while base ''e'' gives "natural units" nat, and base 10 gives units of "dits", "bans", or " hartleys". An equivalent definition of entropy is the expected value of the self-information of a variable. The concept of information entropy was ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
English Language
English is a West Germanic language that developed in early medieval England and has since become a English as a lingua franca, global lingua franca. The namesake of the language is the Angles (tribe), Angles, one of the Germanic peoples that Anglo-Saxon settlement of Britain, migrated to Britain after its End of Roman rule in Britain, Roman occupiers left. English is the list of languages by total number of speakers, most spoken language in the world, primarily due to the global influences of the former British Empire (succeeded by the Commonwealth of Nations) and the United States. English is the list of languages by number of native speakers, third-most spoken native language, after Mandarin Chinese and Spanish language, Spanish; it is also the most widely learned second language in the world, with more second-language speakers than native speakers. English is either the official language or one of the official languages in list of countries and territories where English ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Base64
In computer programming, Base64 is a group of binary-to-text encoding schemes that transforms binary data into a sequence of printable characters, limited to a set of 64 unique characters. More specifically, the source binary data is taken 6 bits at a time, then this group of 6 bits is mapped to one of 64 unique characters. As with all binary-to-text encoding schemes, Base64 is designed to carry data stored in binary formats across channels that only reliably support text content. Base64 is particularly prevalent on the World Wide Web where one of its uses is the ability to embed image files or other binary assets inside textual assets such as HTML and CSS files. Base64 is also widely used for sending e-mail attachments, because SMTP – in its original form – was designed to transport 7-bit ASCII characters only. Encoding an attachment as Base64 before sending, and then decoding when received, assures older SMTP servers will not interfere with the attachment. Ba ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Shell (computing)
An operating system shell is a computer program that provides relatively broad and direct access to the system on which it runs. The term ''shell'' refers to how it is a relatively thin Abstraction layer, layer around an operating system. A shell is generally a command-line interface (CLI) program although some graphical user interface (GUI) programs are arguably classified as shells too. Overview Operating systems provide various services to their users, including File manager, file management, Process (computing), process management (running and terminating Application program, applications), batch processing, and operating system monitoring and configuration. Most operating system shells are not ''direct'' interfaces to the underlying Kernel (operating system), kernel, even if a shell communicates with the user via peripheral devices attached to the computer directly. Shells are actually special applications that use the kernel API in just the same way as it is used by ot ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
