[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] One-Time Pad Authentication

To: Blue Boar <BlueBoar@thievco.com>
Subject: Re: [Full-Disclosure] One-Time Pad Authentication
From: "Jonathan A. Zdziarski" <jonathan@nuclearelephant.com>
Date: Sun, 30 Nov 2003 22:23:08 -0500

> You don't actually mean a one-time pad, do you?  Sounds like you're 
> referring to a one-time token authentication system, especially since you 
> mention SecurID.  (I mention this because a few responses are reacting to 
> you mentioning an OTP, but I don't think that's what you meant.)

Actually I was interested in a pad...not a seeded authentication
mechanism.  I realize there's a key distribution issue, but it's not
difficult to give out a CD with a few years worth of codes on it.

Seeded will suffice though, in lieu of rolling my own OTP.

I've been using SecurID at the companies I've worked at, so I didn't get
a chance to see what's on the open source network, but now that I'm
looking to implement this on my own systems, looks like a couple of the
tools people mentioned might work.  

Jonathan




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] One-Time Pad Authentication
  - From: "Jonathan A. Zdziarski" <jonathan@nuclearelephant.com>
- Re: [Full-Disclosure] One-Time Pad Authentication
  - From: Blue Boar <BlueBoar@thievco.com>

Prev by Date: Re: [Full-Disclosure] One-Time Pad Authentication
Next by Date: Re: [Full-Disclosure] One-Time Pad Authentication
Previous by thread: Re: [Full-Disclosure] One-Time Pad Authentication
Next by thread: Re: [Full-Disclosure] One-Time Pad Authentication
Index(es):
- Date
- Thread