Richard Edward Lennon

Cryptographic Authentication of Time-Invariant Quantities

With any strong cryptographic algorithm, such as the data encryption standard (DES), it is possible to devise protocols for authentication. One technique, which allows arbitrary, time-invariant quantities (such as encrypted keys and passwords) to be authenticated, is based upon a secret cryptographic (master) key residing in a host processor. Each quantity to be authenticated has a corresponding precomputed test pattern. At any later time, the test pattern can be used together with the quantity to be authenticated to generate a nonsecret verification pattern. The verification pattern can in turn be used as the basis for accepting or rejecting the quantity to be authenticated.

Required Cryptographic Authentication Criteria for Electronic Funds Transfer Systems

A set of required security criteria is developed which assures that the personal verification processes at different institutions in an interchange environment are isolated from one another. It is assumed that only information stored on the bank card and information remembered by a systerm user are employed for personal verification. Under that assumption, it is shown that only through the use of a secret quantity (a personal cryptographic key) stored on the bank card will the set of required criteria be satisfied. With a personal key, the same degree of isolation can be achieved for authentication of transaction request messages sent from the entry point to the issuer. However, authentication of transaction response messages sent from the issuer to the entry point requires a system key unknoun to the user.

Cryptography in data processing

Abstract Recent reports of breaches in computer system security have created a heightened concern and interest in the vulnerability of computer systems. Cryptography is one method of combatting one problem of security. The article describes the two types of algorithm involved in cryptographic techniques.