Foiling the Cracker: A Survey of, and Improvements to, Password Security: Demonstrates the ease with which most passwords can be guessed by a motivated attacker
0a147e4aaa5a55b5df22688b5b2910670bc78fe97752153c82e53ff6193a664a
A Layman's Guide to a Subset of ASN1, BER, and DER.
011be717822753b63474c613bc2f461e8f5973c1c6e5cd45db993dc338331960
Internet Libel: Is the Provider Responsible? An examination of the Cubby v Compuserve case as it applies to Internet service providers
3f1fc9cd91edbfecea62ca8d635e4e171a2ed03c48abf63cdd11e859f7311c62
Long Running Jobs in an Authenticated Environment: A system for running batch jobs in an environment in which users must have tokens or tickets to run
318e02294793e84335a35f7f00564fefb4035d4b30041468148f2ae40d640458
Computer Electronic Mail and Privacy: A discussion of the Electronic Communications Privacy Act as it applies to electronic mail
fc3a14a4ff033ee33bde5cc7413a548ab3588f83c81ec24d380a0b9c97c0c25e
An Overview of Computer Viruses in a Research Environment: An examination of computer viruses as malicious logic in a research and development environment and current techniques in controlling the threats of viruses and other malicious logic programs
0d4fd86ba91ab95156476f18d275bae8d226bb68ef7aff97b000018727d3f480
Computer Viruses and Related Threats: A Management Guide: Guidelines for preventing, deterring, containing, and recovering from attacks of viruses and related threats A report from the US National Institute of Standards and Technology
87c8afcd6d9d623f45edd83119016001c48473a5d562e1c35f62a181abc6f91e
Management Guide to the Protection of Information Resources: A US National Institute of Standards and Technology publication.
ac88c14c65a9229c3b46e6c8b0b7bc351320745adbadd478554bf3d539b49539
With Microscope and Tweezers: An Analysis of the Internet Virus of November 1988: A detailed description of the events of the Internet Worm of November 2, 1988 from one of the teams of people who combatted it
44d4224d79222ad2ef47daf229f207f80e3d78def17c4108c0f665a3714a19ef
Some Musings on Ethics and Computer Break-Ins: A discussion of ethics and responsibility, particularly as they pertain to the Internet Worm of November, 1988
421d437d5fd1ec0e1a4a1a40b1be9773191e9d448b1d687274e5bdc9e7ce584d
Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks: A combination of public- and private-key cryptography that allows two parties sharing a common password to exchange confidential and authenticated information over an insecure network The protocol is secure against active attack, and also against off-line "dictionary" attacks.
0c355749e149e01824a8809f6373d53c0bc19f36d30b9e76b0ebb60d256de1b2
Electronic Currency for the Internet: A framework for electronic currency for the Internet that provides a real-time electronic payment system
649018270068ee7873a0ebb6ac1a7da36294f08a30f7a8377802656361232e81
NetCash: A Design for Practical Electronic Currency on the Internet: A framework for electronic currency for the Internet that provides a real-time electronic payment system
677fbc5787ad2f697c0f15bedb28cdc29551c488ef3402045f09d934ceecbb49
A Unix Network Protocol Security Study: Network Information Service: A discussion of the security weaknesses in the Network Information Service (Yellow Pages) protocol from Sun Microsystems
b8ad47dda397e9dcf1072368149a030ca633bc8476c3d6fd98aa7e08b67c44c8
Computer User's Guide to the Protection of Information Resources: A report from the US National Institute of Standards and Technology
2e2f793b0022a5aac1dbc4eec93d2d824f1111cb1c22ca71ba5fb9dcafea5bb6
Life Without Root: A method for authorizing users to perform certain system administration tasks without giving them the super-user password
1eb687167cf38607327b0dffdfffb201603cdecff0fd3e279a5d2693e9c543cc
A Note on the Use of Timestamps as Nonces: A note on the use of timestamps in authentication protocols
e6f85f06e87a1bb205c6bb6687f1311cc7f5a4333ecb8efea64805dae8cacb28
A Security Analysis of the NTP Protocol: A security analysis of the Network Time Protocol (NTP)
ec8639acd43b244a8efc26452148d54498ee12988421cff5295777ff7bd1415d
Protocol Design for Integrity Protection: A design method for message integrity protection
6e2b6777656242dcb2c7e48d2e0fc6dbc6ac1ef9e176412ffce4396e558a5263
Observing Reusable Password Choices: A method for observing password choices made by users, and how to protect it from being compromised
c6f1afcd834b4c7d297d03eaa61d696bc81d6a11c24f131ec1bf3cda70d79cbe
OPUS: Preventing Weak Password Choices. A system that uses Bloom filters to implement a constant-time dictionary lookup, regardless of dictionary size, to check a user's password choice for " goodness"
6b57074b96c811eaf86668faadb884f7bd2f8f172c78c23487e7c896d94214f0
An Overview of the PKCS Standards.
122d86a835e3e7cf4292a749552545e6fa85fc74f5328af98e996548cddb13ae
Packets Found on an Internet: A description of the types of packets, particularly the anomalous ones, that appeared at the AT&T firewall
0782bb46cc3a2d49f5caee720db3b3e9152c6c3aca33321facefa33fd87a67ec
An Introduction to Computer Security: The NIST Handbook: A publication of the US National Institute of Standards and Technology. Draft Copy. Part I.
38926bbf6a97481be69b5520e5f02a16acbea2e40a661787cf76917c65a92dea
Access Control and Policy Enforcement in Internetworks. Methods of controlling access policy between different administrative domains of an internetwork. Part I
92f9a57a4c56eb54a240bed0d4c028f1b23aa9b83537e36f8a63e8ad912dd649