|
Full Disclosure
mailing list archives
Re: One-Time Pad Authentication
From: the1 () unixclan net
Date: Mon, 1 Dec 2003 16:23:42 -0800 (PST)
Since your system would only be as strong as the methiod of transporitng
the key (PGP, SSH, whatever), isn't OTP a little excessive?
On Sun, 30 Nov 2003, Jonathan A. Zdziarski wrote:
Before I write this thing, I wanted to check and see if anyone on the
list knows if such a tool already exists in the open-source community.
I've done some google and freshmeat searches but didn't find anything
that seemed to fit the bill. The closest thing I found was E-Pad which
seems to be more related to file encryption than authentication.
I'm interested in coding a one-time pad authentication system; similar
to SecurID or other types of token authentication only with software
tokens. The administrator would generate the one-time pads for each
user and distribute them using whatever secure method gets coded (PGP,
SSH, or whatever).
The user then has a software token on their machine with the token code
that changes either every use, or uses some type of challenge/response
system, blah blah blah. This token is used to log into systems,
etcetera.
I'd be interested in knowing if such an open-source tool exists, and if
not who would be interested in working on it with me (email me privately
if interested).
Jonathan
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
- Re: One-Time Pad Authentication, (continued)
|
Intro
