Full Disclosure: Re: One-Time Pad Authentication

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: One-Time Pad Authentication

From: Jeremiah Cornelius <jeremiah () nur net>
Date: Sun, 30 Nov 2003 17:16:09 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sunday 30 November 2003 16:40, Jonathan A. Zdziarski wrote:
<SNIP>

I'm interested in coding a one-time pad authentication system; similar
to SecurID or other types of token authentication only with software
tokens.  The administrator would generate the one-time pads for each
user and distribute them using whatever secure method gets coded (PGP,
SSH, or whatever).


Uhhhh...

Is S/KEY suitable? 

http://www.ece.northwestern.edu/CSEL/skey/skey_eecs.html
http://www.freebsdsystems.com/handbook/skey.html
http://www.ja.net/CERT/Long/Securing_Remote_Access.html

You can run s/key calculators on PC's, Macs and even Palm Pilots (turning them 
into a token - of sorts).

Jeremiah Cornelius
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/ypZgJi2cv3XsiSARAlt+AKDur4xkX1+XeU2ru+cmze9cLz2bZgCg+1s0
DamFjT7Vctx92fKbaGs/Xoo=
=jyRq
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

By Date By Thread

Current thread:

One-Time Pad Authentication Jonathan A. Zdziarski (Nov 30)
- Re: One-Time Pad Authentication Jeremiah Cornelius (Nov 30)
- Re: One-Time Pad Authentication Michael Sierchio (Nov 30)
- Re: One-Time Pad Authentication Gary E. Miller (Nov 30)
- don't waste your time (was: Re: One-Time Pad Authentication) jon schatz (Nov 30)
- Re: One-Time Pad Authentication Eric Rescorla (Nov 30)
- Re: One-Time Pad Authentication Blue Boar (Nov 30)