[Cryptography] Feedback welcome on authentication/password replacement idea

Howard Chu hyc at symas.com
Mon Sep 21 02:12:07 EDT 2015


Howard Chu wrote:
> Ilya Kasnacheev wrote:
>> Hello, I want to share my idea with you. If some places are not clear enough,
>> you can try to guess or just ask me.
>>
>> Main idea:
>> Boris hashes some secret value many many times recursively (SHA(X),
>> SHA(SHA(X)), ...), yielding a chain of hashes.
>> Boris gives the last hash in the chain to Anne. When Boris wants to prove that he
>> came back and is genuine, he transmits the previous hash in the chain. Anne hashes
>> it and looks up if she saw that hash before - if she did, it's really Boris.
>>
>> Are there holes in this scheme?
>
> This is precisely how S/Key works.

Funny to see this pop up now, it's been over 20 years since I worked on that code.

https://github.com/dkorunic/pam_skey/blob/master/libskey/README#L383-L400

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
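
The hash-chain login described in the quoted message, as an added Python example that is not part of the original post and is not the pam_skey code. SHA-256 stands in for "SHA", the names `build_chain` and `Verifier` are hypothetical, and the verifier is assumed to replace its stored hash after each successful login so that an overheard value cannot be replayed.

```python
import hashlib
import hmac


def h(value: bytes) -> bytes:
    """One link of the chain. SHA-256 is an assumption standing in for 'SHA'."""
    return hashlib.sha256(value).digest()


def build_chain(secret: bytes, length: int) -> list[bytes]:
    """Boris's side: chain[i] is the secret hashed i + 1 times."""
    chain = [h(secret)]
    for _ in range(length - 1):
        chain.append(h(chain[-1]))
    return chain


class Verifier:
    """Anne's side: she stores only the most recently accepted hash."""

    def __init__(self, anchor: bytes):
        self.current = anchor

    def login(self, candidate: bytes) -> bool:
        # Accept only a value whose hash equals the stored one.
        if not hmac.compare_digest(h(candidate), self.current):
            return False
        # Advance the stored value: the accepted hash has crossed the wire
        # and must not be usable a second time.
        self.current = candidate
        return True


def demo() -> list[bool]:
    chain = build_chain(b"constructed-demo-secret", 5)  # constructed sample secret
    anne = Verifier(chain[-1])      # Boris hands over the last hash in the chain
    return [
        anne.login(chain[-2]),      # previous hash in the chain: accepted
        anne.login(chain[-2]),      # same value replayed: rejected
        anne.login(chain[-4]),      # skips a link, does not hash to stored value: rejected
        anne.login(chain[-3]),      # next value in order: accepted
    ]


if __name__ == "__main__":
    print(demo())
```

Each login consumes one link, so a chain of length n gives n - 1 logins before Boris has to register a new chain with Anne.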

