The S/key One-Time Password System
Computing systems have been under increasingly sophisticated attack over the Internet and by using dial-up access ports. One form of attack is eavesdropping on network connections to obtain login id's and passwords of legitimate users. This information is used at a later time to attack the system. The authors have developed a prototype software system, the S/KEYTM one-time password system, to counter this type of attack and have been using it experimentally for external access to a research computer complex at Bellcore. The S/KEY system has several advantages compared with other one-time or multi-use authentication systems.