COMMENT ⊗   VALID 00002 PAGES
C REC  PAGE   DESCRIPTION
C00001 00001
C00002 00002	Pages 41-43
C00005 ENDMK
C⊗;
Pages 41-43

June 20

Countersign generator--

In order to prevent password capture, a challenge-response system should
be used. The system randomly generates a challenge number and the user
generates a response according to a function characteristic of the user.

Suppose the challenge is 7 digits, presented in the same form as a 
telephone number. The user keys this into a touch tone pad of the counter-
sign machine (CM) and gets a response on the LCD display of CM. He types this
as his reponse.

To guard against stealing the CM, it has to be activated by a permanent phone
number memorized by the user.

The CM can be used for entering several systems.  Namely, the user has
associated the number of the system he wants to enter with his basic password
of the system to be entered. Thus to enter the third system to which he has
access, he types 3# on CM which activates the basic password for that
machine. To enter the basic password which has been assigned to him, he keys
75# <basic passwords>#.

The CM provides no way of gtetting back the basic password that has been
entered. Fancy CMs resist attempts to enter them by self-destructing.

The size of the CM should be that of a credit card and it should be strong
enough to be kept in a pocket or wallet. The CM feature could be added
to a calculator.

The CM algorithm can be any known sufficiently mixing function.
f(<challenge>,<basic password>)
-------