[Cryptography] Clever physical 2nd-factor authentication
Kelly John Rose
iam at kjro.se
Wed Apr 2 18:34:58 EDT 2014
On Wed, Apr 2, 2014 at 4:19 PM, Adam Sampson <ats at offog.org> wrote:
> Jerry Leichter <leichter at lrw.com> writes:
>
> > Basic idea: The user gets a credit card with a transparent window on
> > which a user-specific mask - a pattern of lines - is pre-printed. The
> > server sends an image that, when viewed through the mask, forms a
> > passcode to be sent back to the server.
>
> That's pretty similar to the Lenslok copy protection system used by a
> bunch of games in the early 1980s:
> http://www.birdsanctuary.co.uk/sanct/s_lenslok.php
>
> (Lenslok used a strip of prisms rather than just a mask, but it's
> otherwise identical.)
>
> It was generally thought to be a horrible idea at the time, but
> presumably it's a bit easier to make it scale properly now...
>
> --
> Adam Sampson <ats at offog.org> <http://offog.org/>
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
My question and, if I can find time, desire to do research in, is how small
is the search space given the symbols you are sent. Is there a way I can
listen in and figure out the pattern from someone's card given enough data
points.
probably after a few dozen you should be pretty close to guessing what the
pattern is for any given card.
--
Kelly John Rose
Edmonton, AB
Twitter: @kjrose
Skype: kjrose.pr
Gtalk: iam at kjro.se
MSN: msn at kjro.se
Document contents are confidential between original recipients and sender.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140402/8c2e0a30/attachment.html>
More information about the cryptography
mailing list