Ostiary
Nicolas Rachinsky
crypto-0 at ml.turing-complete.org
Tue Aug 2 18:53:47 EDT 2005
* Karl Chen <quarl at cs.berkeley.edu> [2005-08-02 09:24 -0700]:
> As an authentication protocol, it looks vulnerable to a time
> synchronization attack: an attacker that can desynchronize the server
> and client's clocks predictably can block the client's authentication
> and use it as his own. (Assuming the server's clock is monotonically
I don't see where the client's time is used. What am I missing?
Nicolas
PS:
Why is this list blocking my mail if the envelope-from is not
subscribed?
[Moderator's note: there is this little known phenomenon called "spam"
we like to avoid... it is much harder to moderate a list if you have
to wade through 400 garbage messages a day... --Perry]
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list