RFC972 - Password Generator Protocol


Network Working Group F. Wancho

Request for Comments: 972 WSMR

January 1986

Password Generator Protocol

STATUS OF THIS MEMO

This RFC specifies a standard for the ARPA Internet community. Hosts

on the ARPA Internet that choose to implement a Password Generator

Protocol (PWDGEN) are expected to adopt and implement this standard.

Distribution of this memo is unlimited.

BACKGROUND

Many security-conscious host administrators are becoming increasingly

aware that user-selected login passwords are too easy to guess for

even casual penetration attempts. Some sites have implemented

dictionary lookup techniques in their password programs to prevent

ordinary words from being used. Others have implemented some variant

of a randomly generated password with mixed success. The problem

arises from the fact that such passwords are difficult to remember

because they cannot be pronounced or are based on a relatively short

cycle pseudo-random number generator.

A version of the PWDGEN algorithm briefly described below has been in

use for several years at a small number of sites in the Internet.

Interest has recently been expressed at porting this algorithm to

other sites. However, the relatively short cycle and the resulting

randomness of the pseudo-random number generator available on these

sites tends to interfere with the intended result of minimizing the

potential duplication of passwords both within a site and across

sites when a user has access to more than one site.

The PWDGEN Service described herein provides a means for sites to

offer a list of possible passwords for the user to choose one from

the first set, or optionally select from another set. With more than

one site offering this service, it is then possible to randomly

select which site to use and have multiple fallback sites should that

site be unavailable.

Description

The PWDGEN Service provides a set of six randomly generated

eight-character CRLF-delimited "words" with a reasonable level of

pronounceability, using a multi-level algorithm. An

implementation of the algorithm is available in FORTRAN-77 for

examination and possible implementation by system administrators

only.


The uniqueness of the generated words is highly dependent on the

randomness of the initial seed value used. The availability of a

single system-wide seed, updated after each access, is highly

desirable. Seeds based on a time-of-day clock are unacceptable.

Seed values should be stored as values in excess of 32 bits for

best performance.

TCP Based PWDGEN Service

One PWDGEN service is defined as a connection based application on

TCP. A server listens for TCP connections on TCP port 129. Once

a connection is established, the six CRLF-delimited words are

generated and sent to the caller, and the connection is closed by

the server. No dialog is used or required.
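
The TCP exchange described above, as an added Python example that is not part of RFC 972: a server that sends six words and closes, and a client that reads until the connection closes and validates the reply. The word generator is a stand-in (alternating consonants and vowels drawn from the operating system's random source), not the FORTRAN-77 algorithm the memo refers to; the loopback address, the ephemeral port, the 128-byte read bound and all function names are assumptions of this example.

```python
import secrets
import socket
import threading

CONSONANTS = "bcdfghjklmnprstvz"
VOWELS = "aeiou"

def make_words(count=6, length=8):
    """Stand-in generator: alternate consonant/vowel, drawn from the OS CSPRNG."""
    # secrets reads the OS random source: no time-of-day seed, no short cycle.
    return ["".join(secrets.choice(CONSONANTS if i % 2 == 0 else VOWELS)
                    for i in range(length)) for _ in range(count)]

def parse_reply(data):
    """Validate a PWDGEN reply: exactly six eight-letter CRLF-delimited words."""
    text = data.decode("ascii")        # non-ASCII raises a ValueError subclass
    if text.endswith("\r\n"):          # accept a CRLF after the last word
        text = text[:-2]
    words = text.split("\r\n")
    if len(words) != 6 or any(len(w) != 8 or not w.isalpha() for w in words):
        raise ValueError("malformed PWDGEN reply")
    return words

def serve_once(listener):
    """Server side: on connect, send the six words and close. No dialog."""
    conn, _ = listener.accept()
    with conn:
        conn.sendall("".join(w + "\r\n" for w in make_words()).encode("ascii"))

def fetch(host, port, timeout=5.0):
    """Client side: connect, read until the server closes, then validate."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        buf = bytearray()
        while len(buf) <= 128:         # bound what an unknown server can send
            chunk = s.recv(64)
            if not chunk:
                break
            buf += chunk
    return parse_reply(bytes(buf))

def demo():
    # Loopback on an ephemeral port; binding the assigned port 129 needs privileges.
    with socket.create_server(("127.0.0.1", 0)) as listener:
        t = threading.Thread(target=serve_once, args=(listener,))
        t.start()
        words = fetch("127.0.0.1", listener.getsockname()[1])
        t.join()
    return words
```

Calling demo() returns the six validated words from one loopback exchange.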

UDP Based PWDGEN Service

Another possible PWDGEN service is defined as a datagram based

application on UDP. A server listens for UDP datagrams on UDP

port 129. When a datagram is received, the six CRLF-delimited

words are sent back in an answering datagram.

 
 
 