The most common authentication model that has been used and is still primarily supplied by operating system manufacturers is the password authentication model. A user supplies a password to the host in order to be authenticated. The host then usually performs a oneway function on the password, and compares the result to the value the host has stored and associates with the user. If the two match, the host trusts that the user is who is claimed.
This model served its purpose for standalone systems, in relatively benign environments where the user supplied password traveled only a short distance, directly from the user terminal to the host. Physical security solutions in these environments were also highly developed. Vulnerabilities that exist with this model in a standalone environment include:
Users are utilizing many machines, not just by remotely logging in, but transparently using the services provided on the remote machines. The client/server model allows users to remotely and transparently access process time, files, printers, etc. In these environments, the need for authentication extends far beyond that of supplying a simple password to a local machine.
Authentication of the user to the remote host (or service) and also authentication of the remote host (or service) to the user requires much more sophisticated techniques than that of a simple password. Passwords should not be sent in cleartext over a network. Passwords should be properly managed in a network with many machines, where each user can have a unique password for each machine. Accessing resources on a remote machine requires ``virtual identification'' for each read/write file access request. Transmitting a simple password each time creates vulnerabilities that extremely limit the effectiveness of the password. And finally, after years and years of user guidance on the importance of choosing robust passwords, users are still generating and using easy-to-guess passwords. For systems (and even closed networks) that contain no sensitive information, this may be acceptable, although these systems and networks may be hard to find today. The sensitivity of the information processed on modern networks, along with the critical functions performed on them, demand that more robust authentication techniques be used. These robust techniques are referred to as strong authentication techniques.
Tardo [TA91] refers to strong authentication as ``techniques that permit entities to provide evidence that they know a particular secret without revealing the secret.'' Strong authentication does not provide to the authenticator, nor to an eavesdropper, any information that could allow them to impersonate (at any time) the entity being authenticated. Traditional password authentication mechanisms, used in a network, are not strong authentication mechanisms because they usually involve transmitting the password over a medium in cleartext and because they are usually received by the authenticator in a form that may be captured, stored and used later for impersonation.
The authentication systems that will be discussed here can be considered strong authentication systems. They rely on the use of cryptographic techniques to provide as little, or no information that could be used for impersonation. Both systems utilize the Data Encryption Standard (DES) to protect authenticating information as it travels through the network. The authentication systems that will be examined are: