[Clips] Escaping Password Purgatory
Anne & Lynn Wheeler
lynn at garlic.com
Fri Aug 5 16:24:59 EDT 2005
Jerrold Leichter wrote:
> Hmm. I came up with the same idea a while back - though with a
different
> constraint: I think it's reasonable to trade off the one-wayness of the
> hash for the ability to work out the password with pencil and paper when
> necessary. Various classic pencil-and-paper encryption systems can be bent
> to this purpose. Since the volume of data "encrypted" is very small and it's
> hard for an attacker to get his hands on more than tiny samples - a given
> web site only sees its own password - you don't need much strength to give a
> reasonable degree of protection.
note that rfc2289 is one time password
http://www.garlic.com/~lynn/rfcidx7.htm#2289
... takes passphrase, a site supplied salt, and iterative hashing.
supposedly this was to allow transmission in the clear and resistance to
man-in-the-middle attacks. the idea was also that the person only had to
remember a single passphrase
however, the following discusses a man-in-the-middle exploit ...
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd
authentication?
http://www.garlic.com/~lynn/2003n.html#0 public key vs passwd
authentication?
http://www.garlic.com/~lynn/2003n.html#1 public key vs passwd
authentication?
http://www.garlic.com/~lynn/2003n.html#2 public key vs passwd
authentication?
http://www.garlic.com/~lynn/2003n.html#3 public key vs passwd
authentication?
http://www.garlic.com/~lynn/2003o.html#46 What 'NSA'?
http://www.garlic.com/~lynn/2003p.html#10 Secure web logins w random
passwords
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list