unforgeable optical tokens?
Barney Wolff
barney at tp.databus.com
Fri Sep 20 22:39:53 EDT 2002
On Sat, Sep 21, 2002 at 12:11:17AM +0000, David Wagner wrote:
>
> I find the physical token a poor replacement for cryptography, when the
> goal is challenge-response authentication over a network. In practice,
> you never really want just challenge-response authentication; you
> want to set up a secure, authenticated channel to the other party,
> which means you probably also need key distribution functionality.
> The physical token suggested here doesn't help with that at all.
Actually, it can. The server can store challenge-responses in pairs,
then send N as the challenge and use the N+1 response (not returned)
as the key.
--
Barney Wolff
I'm available by contract or FT: http://www.databus.com/bwresume.pdf
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list