[Cryptography] Feedback welcome on autentication/password replacement idea
Howard Chu
hyc at symas.com
Sun Sep 20 23:46:03 EDT 2015
Ilya Kasnacheev wrote:
> Hello, I want to share my idea with you. If some places are not clear enough,
> you can try to guess or just ask me.
>
> Main idea:
> Boris hashes some secret value many many times recursively (SHA(X),
> SHA(SHA(X)), ...), yielding chain of hashes.
> Boris gives the last hash in chain to Anne. When Boris want to prove that he
> came back and is genuine, he transmits previous hash in the chain. Anne hashes
> it and looks up if she saw that hash before - if she did, it's really Boris.
>
> Are there holes in this scheme?
This is precisely how S/Key works.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the cryptography
mailing list