[14917] in cryptography@c2.net mail archive
Re: "Zero Knowledge Authentication"? (was Cryptolog Unicity Software-Only Digital Certificates)
daemon@ATHENA.MIT.EDU (Anton Stiglic)
Sun Dec 14 09:37:38 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Anton Stiglic" <astiglic@okiok.com>
To: <cryptography@metzdowd.com>,
"R. A. Hettinga" <rah@shipwright.com>
Date: Fri, 12 Dec 2003 09:44:16 -0800
> Previously used primarily in scientific/academic applications, "zero
> knowledge" authentication is a method of proving a user's identity without
> revealing his password to the verifier.
So anybody knows exactly what this zero-knowledge authentication is
that they use?
> Using this technology, Unicity
> allows companies to issue digital certificates securely on a software-only
> basis, eliminating the need to supply employees, partners and clients with
> special hardware, or to require them to locally store certificates on
their
> computers. The private data is never stored on the user's hard drive, and
> is erased from the RAM as soon as the user no longer needs it.
This part about storing private keys on a server is not novel. The company
that I work for has a similar solution with respect to this, it's called
HotSign:
http://www.okiok.com/index.jsp?page=Hot+Sign
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
