[3335] in cryptography@c2.net mail archive
Re: ArcotSign (was Re: Does security depend on hardware?)
daemon@ATHENA.MIT.EDU (Bruce Schneier)
Tue Sep 22 11:48:38 1998
Date: Tue, 22 Sep 1998 04:43:01 -0500
To: Mok-Kong Shen <mok-kong.shen@stud.uni-muenchen.de>, cryptography@c2.net
From: Bruce Schneier <schneier@counterpane.com>
Cc: cypherpunks@algebra.com, coderpunks@toad.com
In-Reply-To: <36074AEB.63B74FA4@stud.uni-muenchen.de>
At 08:59 AM 9/22/98 +0100, Mok-Kong Shen wrote:
>bram wrote:
>>
>> On Mon, 21 Sep 1998, Bruce Schneier wrote:
>>
>> > Here's the basic idea: Strew a million passwords on your hard drive, and
>> > make it impossible to verify which is the correct one offline. So,
someone
>> > who steals the password file off the client cannot run a cracking tool
>> > against the file.
>>
>> Is this really patentable? It sounds a *lot* like the original public-key
>> algorithm (the one involving lots of little 'puzzles')
>
>A question : How does the legitimate user find his password?
>(Sorry for not having followed this thread from the beginning.)
He uses a remembered secret and some mathematical magic.
Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN 55419 Fax: 612-823-1590
Free crypto newsletter. See: http://www.counterpane.com
