Prev Up Next
Go backward to Using FTP
Go up to Top
Go forward to HELP!!! I lost my personal S/Key-card !!

Authentication: The S/Key-card

Computer systems have been under increasingly sophisticated attacks over the Internet. One form of attack that has become very popular first quarter of 1994 is eavesdropping on network connections to obtain login id's and passwords of legitimate users. This information is replayed later to attack the system.

The S-Key system, a so called challenge-response authentication system (developed at Bellcore) is a one-time password system, i.e. each password is valid only once.

These one-time passwords are actually 6 short English words, that are generated by a secure computer system. A list of these passwords is printed on a credit-card size piece of paper, called the S/Key-card, and the user is using all of them in sequence. The authentication procedure will ask for the key with given sequence number, as in:

Skey Challenge "s/key 512 gz12345":

In this challenge, you will find to items of interest: the sequence-number (512 in this example), and some internal seed ("gz12345" in this example). The latter is printed on top of the S/Key-card you have in front of you (so you can make sure both you and the authentication system agree upon you). The sequence-number will appear on your list of passwords. To authenticate, you type in the corresponding key, like in:

Skey Challenge "s/key 512 gz12345": FAT FEND DEFY FUEL LENS ORE

If you prefer to type the key in lower-case, you may choose to do so.

Next time you access the system, you will be prompted to ask for key with sequence number 511. If the sequence-number approaches the minimal number available on your S/Key-card, you should apply for a new one.

How do I obtain a S/Key-card ?

Requests for a S/Key-card may be directed to the GateKeeper system administrator, preferably by e-mail to the address:

<helpdesk@cs.uu.nl>

Your personal S/Key-card will be handed over to you personally.

An alternative route is to walk into any one of the Computer Systems Group offices and ask for a S/Key-card. You will then be directed to the right person to handle your request.


<edwin.kremer@cs.uu.nl>

Prev Up Next