Check out the new USENIX Web site.

Secure RPC Authentication (SRA) for TELNET and FTP

David R. Safford, David K. Hess, and Douglas Lee Schales
Supercomputer Center
Texas A&M University
College Station, TX 77843-3363


TELNET and FTP currently exchange user authentication (passwords) in plain text, which is easily eavesdropped. Several techniques, such as Kerberos and SPX, have been proposed in draft RFCs to implement secure authentication. These techniques, however, have several drawbacks, including technical complexity, poor vendor support, and organizational problems. This paper presents SRA, a very simple and tested technique based on Secure RPC which, while certainly not as strong as RSA, is reasonably strong, fast, and trivial to implement immediately for both inter and intra-domain communication.

Download the full text of this paper in ASCII form (9,812 bytes).

To Become a USENIX Member, please see our Membership Information.