Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

A Convention for Human-Readable 128-bit Keys (RFC1751)

IP.com Disclosure Number: IPCOM000004216D
Original Publication Date: 1994-Dec-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 12 page(s) / 29K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. McDonald: AUTHOR

Abstract

The Internet community has begun to address matters of security. Recent standards, including version 2 of SNMP [GM93], have explicit requirements for an authentication mechanism. These require use of a keyed message-digest algorithm, MD5 [Riv92], with a key size of 128- bits. A 128-bit key, while sufficiently strong, is hard for most people to read, remember, and type in. This memo proposes a convention for use with Internet applications & protocols using 128- bit cryptographic keys.

This text was extracted from a ASCII document.
This is the abbreviated version, containing approximately 9% of the total text.

Network Working Group D. McDonald

Request for Comments: 1751 NRL

Category: Informational December 1994

A Convention for Human-Readable 128-bit Keys

Status of this Memo

This memo provides information for the Internet community. This memo

does not specify an Internet standard of any kind. Distribution of

the memo is unlimited.

Introduction

The Internet community has begun to address matters of security.

Recent standards, including version 2 of SNMP [GM93], have explicit

requirements for an authentication mechanism. These require use of a

keyed message-digest algorithm, MD5 [Riv92], with a key size of 128-

bits. A 128-bit key, while sufficiently strong, is hard for most

people to read, remember, and type in. This memo proposes a

convention for use with Internet applications & protocols using 128-

bit cryptographic keys.

A Solution Already Exists

The S/Key(tm) one-time password system [Hal94] uses MD4 (and now MD5,

as well) to compute one-time passwords. It takes the 128-bit result

of MD4 and collapses it to a 64-bit result. Despite the size

reduction, 64-bit one-time passwords are still difficult for ordinary

people to remember and enter. The authors of S/Key devised a system

to make the 64-bit one-time password easy for people to enter.

Their idea was to transform the password into a string of small

English words. English words are significantly easier for people to

both remember and type. The authors of S/Key started with a

dictionary of 2048 English words, ranging in length from one to four

characters. The space covered by a 64-bit key (2^64) could be

covered by six words from this dictionary (2^66) with room remaining

for parity. For example, an S/Key one-time password of hex value:

EB33 F77E E73D 4053

would become the following six English words:

TIDE ITCH SLOW REIN RULE MOT

Because of the need for interoperability, it is undesirable to have

different dictionaries for different languages. Also, the current

dictionary only uses characters from the invariant portion of ISO-

646. Finally, there is an installed base of users and applications

with this dictionary.

The Proposal

The code (see Appendix A) which S/Key uses to convert 64-bit numbers

to six English words contains two primitives which perform

conversions either way. The primitive btoe(char *engout,char *c)

takes a 64-bit quantity referenced by c and places English words in

the string referenced b...