cracking passwords and challenge/response
Steven M. Bellovin
smb at cs.columbia.edu
Sat Aug 6 16:48:02 EDT 2005
Folks might want to look at http://www.huitema.net/talks/ietf63-security.ppt
the slides from a talk Christian Huitema gave at the Applications Area
at IETF63 this past week. Of particular interest is just how cheap it
is to brute-force a passphrase these days, especially if it's just used
as a cryptographic key with known plaintext (i.e., in challenge/
response protocols).
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list