[Cryptography] Feedback welcome on autentication/password replacement idea

Christian Huitema huitema at huitema.net
Sun Sep 20 23:38:55 EDT 2015

From: cryptography [mailto:cryptography-bounces+huitema=huitema.net at metzdowd.com] On Behalf Of 
On Sunday, September 20, 2015 7:38 PM, Ilya Kasnacheev wrote:

> Hello, I want to share my idea with you. If some places are not clear 
> enough, you can try to guess or just ask me.
> Main idea:
> Boris hashes some secret value many many times recursively (SHA(X), SHA(SHA(X)), ...), 
> yielding chain of hashes.
> Boris gives the last hash in chain to Anne. When Boris want to prove that 
> he came back and is genuine, he transmits previous hash in the > chain. 
> Anne hashes it and looks up if she saw that hash before - if she 
> did, it's really Boris.
> Are there holes in this scheme?

You just reinvented S/Key: https://en.wikipedia.org/wiki/S/KEY. 

-- Christian Huitema

More information about the cryptography mailing list