[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] One-Time Pad Authentication
- To: "Jonathan A. Zdziarski" <jonathan@nuclearelephant.com>
- Subject: Re: [Full-Disclosure] One-Time Pad Authentication
- From: Michael Sierchio <kudzu@tenebras.com>
- Date: Sun, 30 Nov 2003 17:21:30 -0800
Jonathan A. Zdziarski wrote:
I'm interested in coding a one-time pad authentication system; similar
to SecurID or other types of token authentication only with software
tokens. The administrator would generate the one-time pads for each
user and distribute them using whatever secure method gets coded (PGP,
SSH, or whatever).
You've thereby reduced the security of a one-time pad to that of
the cryptologic and protocol used to distribute it. Simply isn't
done, old chap.
Use:
trusted courier;
registered US mail;
etc.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html