RFC 1751 (rfc1751) - Page 1 of 15
A Convention for Human-Readable 128-bit Keys
Alternative Format: Original Text Document
Network Working Group D. McDonald
Request for Comments: 1751 NRL
Category: Informational December 1994
A Convention for Human-Readable 128-bit Keys
Status of this Memo
This memo provides information for the Internet community. This memo
does not specify an Internet standard of any kind. Distribution of
the memo is unlimited.
Introduction
The Internet community has begun to address matters of security.
Recent standards, including version 2 of SNMP [GM93], have explicit
requirements for an authentication mechanism. These require use of a
keyed message-digest algorithm, MD5 [Riv92], with a key size of 128-
bits. A 128-bit key, while sufficiently strong, is hard for most
people to read, remember, and type in. This memo proposes a
convention for use with Internet applications & protocols using 128-
bit cryptographic keys.
A Solution Already Exists
The S/Key(tm) one-time password system [Hal94] uses MD4 (and now MD5,
as well) to compute one-time passwords. It takes the 128-bit result
of MD4 and collapses it to a 64-bit result. Despite the size
reduction, 64-bit one-time passwords are still difficult for ordinary
people to remember and enter. The authors of S/Key devised a system
to make the 64-bit one-time password easy for people to enter.
Their idea was to transform the password into a string of small
English words. English words are significantly easier for people to
both remember and type. The authors of S/Key started with a
dictionary of 2048 English words, ranging in length from one to four
characters. The space covered by a 64-bit key (2^64) could be
covered by six words from this dictionary (2^66) with room remaining
for parity. For example, an S/Key one-time password of hex value:
EB33 F77E E73D 4053
would become the following six English words:
TIDE ITCH SLOW REIN RULE MOT
McDonald