"Zero Knowledge Authentication"? (was Cryptolog Unicity Software-Only Digital Certificates)
Anton Stiglic
astiglic at okiok.com
Fri Dec 12 12:44:16 EST 2003
> Previously used primarily in scientific/academic applications, "zero
> knowledge" authentication is a method of proving a user's identity without
> revealing his password to the verifier.
So anybody knows exactly what this zero-knowledge authentication is
that they use?
> Using this technology, Unicity
> allows companies to issue digital certificates securely on a software-only
> basis, eliminating the need to supply employees, partners and clients with
> special hardware, or to require them to locally store certificates on
their
> computers. The private data is never stored on the user's hard drive, and
> is erased from the RAM as soon as the user no longer needs it.
This part about storing private keys on a server is not novel. The company
that I work for has a similar solution with respect to this, it's called
HotSign:
http://www.okiok.com/index.jsp?page=Hot+Sign
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list