[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New Whitepaper: Anti Brute Force Resource Metering

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: New Whitepaper: Anti Brute Force Resource Metering
From: Jason W <bugtraq@xxxxxxxxxxxxxxxxxx>
Date: 24 Mar 2005 19:33:40 -0000

In-Reply-To: <20050321182737.81B6B15F507@xxxxxxxxxxxxxxxxxxxx>


>Resource metering through client-side computationally intensive "electronic
>payments" can provide an alternative strategy in defending against brute
>force guessing attacks.  


The first question I had was,
Why not just use a turing test. It's simple and, theoretically, only humans can 
distinguish the passphrase. It requires much less overhead. Obviously this 
would be used in addition to a password. That's my two cents.

Follow-Ups:
- Re: New Whitepaper: Anti Brute Force Resource Metering
  - From: Joachim Schipper
- Re: New Whitepaper: Anti Brute Force Resource Metering
  - From: Luca Berra

Prev by Date: SUSE Security Announcement: MySQL vulnerabilities (SUSE-SA:2005:019)
Next by Date: [USN-100-1] cdrecord vulnerability
Previous by thread: Re: New Whitepaper: Anti Brute Force Resource Metering
Next by thread: Re: New Whitepaper: Anti Brute Force Resource Metering
Index(es):
- Date
- Thread