Outline for March 6, 2006

Reading: text, §14.6, 12.1–12.5

  1. Greetings and felicitations!
    1. Puzzle of the day
  2. Identity
    1. State and cookies
    2. Anonymous remailers: type 1 and type 2 (Mixmaster)
  3. Authentication
    1. Validating client (user) identity
    2. Validating server (system) identity
    3. Validating both (mutual authentication)
  4. Basis: what you know/have/are, where you are
  5. Passwords
    1. Problem: common passwords
    2. May be pass phrases: goal is to make search space as large as possible, distribution as uniform as possible
    3. Other ways to force good password selection: random, pronounceable, computer-aided selection
  6. Password storage
    1. In the clear; Multics story
    2. Enciphered; key must be kept available
    3. Hashed; show UNIX versions, including salt

