[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] One-Time Pad Authentication
- To: "Jonathan A. Zdziarski" <jonathan@nuclearelephant.com>
- Subject: Re: [Full-Disclosure] One-Time Pad Authentication
- From: the1@unixclan.net
- Date: Mon, 1 Dec 2003 16:23:42 -0800 (PST)
Since your system would only be as strong as the methiod of transporitng
the key (PGP, SSH, whatever), isn't OTP a little excessive?
On Sun, 30 Nov 2003, Jonathan A. Zdziarski wrote:
> Before I write this thing, I wanted to check and see if anyone on the
> list knows if such a tool already exists in the open-source community.
> I've done some google and freshmeat searches but didn't find anything
> that seemed to fit the bill. The closest thing I found was E-Pad which
> seems to be more related to file encryption than authentication.
>
> I'm interested in coding a one-time pad authentication system; similar
> to SecurID or other types of token authentication only with software
> tokens. The administrator would generate the one-time pads for each
> user and distribute them using whatever secure method gets coded (PGP,
> SSH, or whatever).
>
> The user then has a software token on their machine with the token code
> that changes either every use, or uses some type of challenge/response
> system, blah blah blah. This token is used to log into systems,
> etcetera.
>
> I'd be interested in knowing if such an open-source tool exists, and if
> not who would be interested in working on it with me (email me privately
> if interested).
>
> Jonathan
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html