Traditional (highly insecure) Authentication Method
The simplest, and unfortunately still quite common, authentication method
available is the traditional local authentication method.
In this model, username and password information for each authenticatable
user is stored locally on the server system. Users send their usernames and
passwords in plain text to the server system, which in turn compares their
authentication information with its local database. If the provided
username and password are found to match, the user is considered
This is basically the model used for login authentication on traditional
multi-user systems, and it has been replicated numerous times within various
Figure II, below, provides a graphical overview of the traditional
This model has a number of weaknesses:
- In many cases, users' passwords are stored in plain-text form on the
server machine. Anyone who can gain access to the server's database has
access to enough information to impersonate any authenticatable user.
- In cases in which users' passwords are stored in encrypted form on the
server machine, plain-text passwords are still sent across a
possibly-insecure network from the client to the server. Anyone with access
to the intervening network may be able to "snoop" [username,passwd] pairs
out of conversations and replay them to forge authentication to the system.
- Each separate system must carry its own copy of each user's
authentication information. As a result, users must maintain passwords on
each system to which they authenticate, and so are likely to choose
less-than-secure passwords for convenience.
- Authentication is not reusable. That is, users must authenticate
separately to each system or application they wish to access. As a result,
users must repeatedly type their passwords and will tend to choose
less-than-secure passwords for convenience.
- There is no attempt made within the model to cross-authenticate the
server and client. A system which impersonates the server system (via IP
address spoofing, perhaps) cannot be distinguished by the client from the
real server, opening the possibility of trojan-horse servers
collecting [username,passwd] pairs and later using them to authenticate to
the real server.
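The first weakness in the list above (plain-text password storage on the server) is the one a server administrator can fix locally, so here is an added illustration, not part of the original text, of a toy local password database in both forms: the traditional plain-text table, where a copy of the database is enough to impersonate every user, beside a store that keeps only a per-user salt and a PBKDF2-HMAC-SHA256 digest. The user names, passwords and the iteration count are constructed sample values; the hashed store does nothing about the second weakness (passwords crossing the network in clear), which needs a different protocol.

```python
"""Added example: a plain-text password table versus a salted, hashed
table for the "traditional" local authentication model.  Users, passwords
and the iteration count are constructed for the demo."""
import hashlib
import hmac
import os
from typing import Dict, Tuple

# Assumption: a demo-sized cost; production deployments use higher counts.
PBKDF2_ITERATIONS = 200_000


class PlaintextStore:
    """The traditional table: username -> password in the clear.
    Anyone who reads this table can impersonate every user."""

    def __init__(self) -> None:
        self._users: Dict[str, str] = {}

    def add_user(self, username: str, password: str) -> None:
        self._users[username] = password

    def check(self, username: str, password: str) -> bool:
        return self._users.get(username) == password

    def dump(self) -> Dict[str, str]:
        # What a copy of the database reveals: every password, verbatim.
        return dict(self._users)


class HashedStore:
    """Mitigation for the storage weakness: keep only (salt, digest).
    A stolen table still has to be brute-forced one user at a time."""

    def __init__(self) -> None:
        self._users: Dict[str, Tuple[bytes, bytes]] = {}

    @staticmethod
    def _derive(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
        )

    def add_user(self, username: str, password: str) -> None:
        # Per-user random salt: two users with the same password get
        # different digests, so one cracked entry reveals nothing about another.
        salt = os.urandom(16)
        self._users[username] = (salt, self._derive(password, salt))

    def check(self, username: str, password: str) -> bool:
        entry = self._users.get(username)
        if entry is None:
            # Derive anyway so an unknown user costs the same time as a
            # wrong password (no user-enumeration timing hint).
            self._derive(password, b"\x00" * 16)
            return False
        salt, digest = entry
        # Constant-time comparison of the digests.
        return hmac.compare_digest(digest, self._derive(password, salt))

    def dump(self) -> Dict[str, Tuple[bytes, bytes]]:
        # What a copy of the database reveals: salts and digests only.
        return dict(self._users)


def demo() -> Tuple[PlaintextStore, HashedStore]:
    """Populate both stores with the same constructed users and return them."""
    plain, hashed = PlaintextStore(), HashedStore()
    for user, pw in [("alice", "correct horse"), ("bob", "correct horse")]:
        plain.add_user(user, pw)
        hashed.add_user(user, pw)
    return plain, hashed


if __name__ == "__main__":
    p, h = demo()
    print("plaintext table:", p.dump())
    print("hashed table   :", {u: (s.hex(), d.hex()[:16] + "...") for u, (s, d) in h.dump().items()})
    print("alice login ok :", h.check("alice", "correct horse"))
    print("alice bad pw   :", h.check("alice", "wrong"))
```

Both stores accept the same logins; the difference is only what a copy of the table gives away. Note that `dump()` of the plain-text store hands over every password verbatim, while the hashed store's dump shows that two users with identical passwords still have different salts and digests.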
A number of years ago, staff working with the Athena Project at MIT
developed a system named Kerberos to address these problems.