[11716] in cryptography@c2.net mail archive
Re: unforgeable optical tokens?
daemon@ATHENA.MIT.EDU (Barney Wolff)
Fri Sep 20 23:07:18 2002
Date: Fri, 20 Sep 2002 22:39:53 -0400
From: Barney Wolff <barney@tp.databus.com>
To: David Wagner <daw@mozart.cs.berkeley.edu>
Cc: cryptography@wasabisystems.com
In-Reply-To: <amgdf5$aq8$2@abraham.cs.berkeley.edu>
On Sat, Sep 21, 2002 at 12:11:17AM +0000, David Wagner wrote:
>
> I find the physical token a poor replacement for cryptography, when the
> goal is challenge-response authentication over a network. In practice,
> you never really want just challenge-response authentication; you
> want to set up a secure, authenticated channel to the other party,
> which means you probably also need key distribution functionality.
> The physical token suggested here doesn't help with that at all.
Actually, it can. The server can store challenge-responses in pairs,
then send N as the challenge and use the N+1 response (not returned)
as the key.
--
Barney Wolff
I'm available by contract or FT: http://www.databus.com/bwresume.pdf
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
