From 390f012fa91a9dc6029d42e250e1b0ce8577a8bf Mon Sep 17 00:00:00 2001
From: Tyler Perkins <tperki17@kent.edu>
Date: Wed, 2 Feb 2022 14:45:01 -0500
Subject: [PATCH] Update for 02-02-22 14:45

---
 tech/digital_authentication.wiki |  6 ++++++
 tech/security.wiki               |  1 +
 tech/unix_password.wiki          | 23 +++++++++++++++++++++++
 3 files changed, 30 insertions(+)
 create mode 100644 tech/unix_password.wiki

diff --git a/tech/digital_authentication.wiki b/tech/digital_authentication.wiki
index b6dc61f..8bc47b6 100644
--- a/tech/digital_authentication.wiki
+++ b/tech/digital_authentication.wiki
@@ -22,6 +22,12 @@ Derived requirements from this,
 == means of authentication ==
 
 * password/pin
+  * ID that goes with password must be unique
+  * Vulns
+    * dictionary
+    * popular password
+    * password guessing against 1 user
+    * Social engineering password out of user
 * physical token (IE smart card)
 * static biometrics (IE finger/face)
 
diff --git a/tech/security.wiki b/tech/security.wiki
index ef78823..6ef1c66 100644
--- a/tech/security.wiki
+++ b/tech/security.wiki
@@ -30,6 +30,7 @@ Hiding information
 
 * [[Signatures]]
 * [[digital_authentication]]
+* [[unix_password]]
 
 === Misc ===
 
diff --git a/tech/unix_password.wiki b/tech/unix_password.wiki
new file mode 100644
index 0000000..043391f
--- /dev/null
+++ b/tech/unix_password.wiki
@@ -0,0 +1,23 @@
+= unix password scheme =
+
+== logging in ==
+
+* Take password and salt into hash function
+* store it into a local file including
+  * user id
+  * salt
+  * hash
+
+== logging out ==
+
+* User id is fetched as well as salt
+* given password is hashed with salt
+* compare stored hash against outputted hash
+
+== Improvements ==
+
+* Use MD5 hash
+* 48 bit salt
+* password length is unlimited
+* 128bit hash
+* Uses inner loop with 1000 iterations